CVE-2026-3587
Published: 23 March 2026
Description
An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device.
Mitigating Controls (NIST 800-53 r5)AI
Specifies and authorizes actions performable without identification or authentication, directly preventing hidden unauthenticated CLI functions that enable escape from restricted interfaces.
Restricts the system to least functionality by prohibiting or disabling non-essential hidden features like the exploitable CLI prompt function.
Enforces approved access authorizations and policies to block escape from restricted CLI interfaces via hidden functions.
Security SummaryAI
CVE-2026-3587 is a critical vulnerability (CVSS 3.1 score of 10.0; AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) classified under CWE-912 (Hidden Functionality). Published on 2026-03-23, it involves a hidden function within the CLI prompt of an affected device that allows escape from the restricted interface. This flaw enables unauthenticated remote attackers to achieve full compromise of the device.
An unauthenticated remote attacker can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation grants high confidentiality, integrity, and availability impacts, along with a change in scope, culminating in complete device takeover.
For mitigation details, refer to the advisory at https://certvde.com/de/advisories/VDE-2026-020.
Details
- CWE(s)
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unauthenticated remote exploitation of a hidden CLI function enables full device compromise via exploitation of a remote service (T1210) and facilitates unrestricted network device CLI command execution (T1059.008).