Pharos Controls Mosaic Show Controller
Summary
A critical vulnerability (CVE-2026-2417) has been identified in Pharos Controls Mosaic Show Controller firmware version 2.15.3. This flaw allows unauthenticated attackers to execute arbitrary commands with root privileges. Pharos Controls recommends upgrading to version 2.16 or later.
IFF Assessment
FOE
The vulnerability allows unauthenticated attackers to gain root privileges, posing a significant risk to systems and data.
Severity
9.8
Critical
Defender Context
This critical vulnerability in an industrial control system (ICS) component highlights the ongoing risks in operational technology (OT) environments. Defenders should prioritize patching or mitigating affected Pharos Controls Mosaic Show Controllers to prevent unauthorized command execution and potential system compromise.