Anritsu Remote Spectrum Monitor
Summary
Anritsu Remote Spectrum Monitor devices are vulnerable to an authentication bypass flaw (CVE-2026-3356) that allows unauthorized network access to alter operational settings, steal data, or disrupt service. This vulnerability affects multiple versions of the MS27100A, MS27101A, MS27102A, and MS27103A models and is present in critical infrastructure sectors worldwide. Anritsu has no plans to issue a fix and recommends network isolation as a mitigation.
IFF Assessment
The vulnerability allows unauthorized users to access and manipulate critical device functions, posing a significant risk to operational integrity and data.
Severity
The CVSS score of 9.8 reflects the severity of the 'Missing Authentication for Critical Function' vulnerability, indicating a high potential for exploitation with significant impact on confidentiality, integrity, and availability.
Defender Context
This critical vulnerability in Anritsu Remote Spectrum Monitors requires immediate attention for organizations using these devices, particularly in critical infrastructure. Defenders must focus on network segmentation and access controls to isolate these devices and prevent unauthorized access, as no patch is expected from the vendor.