Radiometer Products Remote Code Execution and Unauthorized Device Management Vulnerability
Vulnerability
A vulnerability in the application software of multiple Radiometer products may allow remote code execution and unauthorized device management under specific internal conditions. Exploitation requires an established remote connection together with additional information obtained through other means. The issue stems from a weakness in the analyzer's application software. Affected customers have been informed about this vulnerability. This CVE is being published to provide transparency.
Impact
Successful exploitation allows for remote code execution and unauthorized management of the affected device.
Reproduction
The vulnerability can be reproduced by establishing a remote connection to the affected analyzer model with the application software version in use and the remote support feature enabled. Additional information, which is not specified, is required to exploit the vulnerability.
Remediation
Customers should ensure their network is secure and follows best practices. Local Radiometer representatives will contact affected customers to discuss a permanent solution.
