Pharos Controls Mosaic Show Controller Missing Authentication Vulnerability Allowing Root Command Execution

Vulnerability

A vulnerability allowing missing authentication for critical functions has been identified in Pharos Controls Mosaic Show Controller firmware version 2.15.3. This vulnerability could enable an unauthenticated attacker to bypass authentication and execute arbitrary commands with root privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of commands with root privileges on the affected system.

Added: Mar 24, 2026, 7:40 PM

Updated: Mar 24, 2026, 7:40 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

4.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

4.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Pharos Controls Mosaic Show Controller Missing Authentication Vulnerability Allowing Root Command Execution

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating