Calero Verasmart
3 CVEs affecting Calero Verasmart. Latest disclosed: 2026-02-13. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26335 | Critical | 9.8 | 2026-02-13 | Calero VeraSMART versions prior to 2022 R1 use static ASP.NET/IIS machineKey values configured for the VeraSMART web application and stored in C:\\Program File… |
CVE-2026-26333 | Critical | 9.8 | 2026-02-13 | Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs (inc… |
CVE-2026-26334 | High | 7.8 | 2026-02-13 | Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll (Veramark.Core.Config class). These keys… |