CVE-2026-1775
CWE-306Published: March 3, 2026· Updated: Mar 4, 2026
Official Description
The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device.
Technical Analysis
CVE-2026-1775 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
News & Research Mentioning CVE-2026-1775
View CSAF Summary Successful exploitation of this vulnerability could allow attackers to gain unauthorized control over system operations, leading to disruption of normal functionality and potential safety hazards. The following versions of Labkotec LID-3300IP are affected: LID-3300IP vers:all/* LID-3300IP Type 2 CVSS Vendor Equipment Vulnerabilities v3 9.4 Labkotec Labkotec LID-3300IP Missing Authentication for Critical Function Background Critical Infrastructure Sectors: Communications, Energy Countries/Areas Deployed: Worldwide Company Headquarters Location: Finland Vulnerabilities Expand All + CVE-2026-1775 The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device p [xlite_meta score:73 src:CISA Alerts xlite_fp:0ce0458918a99fbbdd67ff7a9e6eb15c1569bf2cf0558c6a13c0ec51ba4de8cb]
All References (1)
Quick Facts
Known Threat Actors
Related CVEs (CWE-306)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-1775 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts