CVE-2026-6213 PUBLISHED

Remote Spark SparkView RCE

Assigner: NCSC.ch
Reserved: 13.04.2026 Published: 08.05.2026 Updated: 08.05.2026

A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypasses the local connection check and achieve arbitrary code execution as root on the server side. Depending on implementation the vulnerability can be exploited by an unauthenticated attacker.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A
CVSS Score: 10

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Network	Confidentiality	High	Confidentiality	High
Attack Complexity	Low	Integrity	High	Integrity	High
Attack Requirements	None	Availability	High	Availability	High
Privileges Required	None
User Interaction	None

CVSS 4.0

Product Status

Vendor	Remote Spark (https://www.remotespark.com/)
Product	SparkView
Versions	Default: unaffected affected from 0 to build 1122 (excl.)

Workarounds

Customer can also set trustLocal = false in the gateway.conf as a workaround for this problem if they cannot update to build 1122 or later.

References

https://www.remotespark.com/view/new.html

Problem Types

CWE-807 Reliance on untrusted inputs in a security decision CWE
CWE-290 Authentication bypass by spoofing CWE

Impacts

CAPEC-115 Authentication Bypass
CAPEC-176 Configuration/Environment Manipulation
CAPEC-242 Code Injection