CVE-2026-40425

MEDIUM NVD

CVSS Score 5.7

Severity MEDIUM

Published May 29, 2026

Vendor unknown

Description

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password.

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-148-01.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-01
https://www.danelec.com/contact