Cyber Resilience

CVE-2026-23664

High

Published: 10 March 2026

Published
10 March 2026
Modified
12 March 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0011 29.4th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-23664 is a high-severity Improper Restriction of Communication Channel to Intended Endpoints (CWE-923) vulnerability in Microsoft Azure Iot Explorer. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 29.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and AU-13 (Monitoring for Information Disclosure).

Deeper analysis

CVE-2026-23664 is an information disclosure vulnerability in Azure IoT Explorer stemming from improper restriction of communication channel to intended endpoints, mapped to CWE-923. Published on 2026-03-10T18:18:14.523, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no effects on integrity or availability.

An unauthorized attacker can exploit this vulnerability remotely over a network with low attack complexity, requiring no privileges or user interaction. Exploitation enables the disclosure of sensitive information via unintended communication channels.

Microsoft's Security Response Center provides an update guide for mitigation at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23664.

EU & UK References

Vulnerability details

Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

Remote network info disclosure vuln in Azure IoT Explorer enables exploitation of public-facing apps (T1190) to obtain sensitive data from the system (T1005).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-26121Same product: Microsoft Azure Iot Explorer
CVE-2026-23662Same product: Microsoft Azure Iot Explorer
CVE-2026-23661Same product: Microsoft Azure Iot Explorer
CVE-2026-25181Same vendor: Microsoft
CVE-2026-26144Same vendor: Microsoft
CVE-2025-65037Same vendor: Microsoft
CVE-2025-59287Same vendor: Microsoft
CVE-2025-50165Same vendor: Microsoft
CVE-2025-21348Same vendor: Microsoft
CVE-2026-26114Same vendor: Microsoft

Affected Assets

microsoft
azure iot explorer
≤ 0.15.13

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces approved authorizations for controlling information flow to only intended endpoints, directly preventing unauthorized disclosure via unintended communication channels.

prevent

Monitors and controls communications at system boundaries, restricting channels to intended endpoints and blocking unauthorized network access.

detect

Monitors the system specifically for events indicating potential information disclosure over unintended channels.

References