CVE-2026-41993 PUBLISHED

Assigner: TXOne
Reserved: 23.04.2026 Published: 17.07.2026 Updated: 17.07.2026

Improper Access Control vulnerability in the Removable Media Validation function of TXOne Networks products allows a local attacker with administrator privileges to bypass the file lockdown mechanism, resulting in unauthorized file transfer to the victim device. The attacker needs to deploy unauthorized file on the removable media in advance. This issue affects SafePortAgent: before 3.2.5024; StellarProtect: from 3.2.4011 before 5.0.1083.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
CVSS Score: 6.7

Product Status

Vendor TXOne Networks
Product SafePortAgent
Versions Default: unaffected
  • affected from 0 to 3.2.5024 (excl.)
Vendor TXOne Networks
Product StellarProtect
Versions Default: unaffected
  • affected from 3.2.4011 to 5.0.1083 (excl.)

References