CVE-2026-2624
Published: 25 February 2026
Summary
CVE-2026-2624 is a critical-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Epati Antikor Next Generation Firewall. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 19.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).
Deeper analysis
CVE-2026-2624 is a missing authentication for critical function vulnerability, tracked as CWE-306, that permits authentication bypass in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall. The flaw affects versions from 2.0.1298 up to but not including 2.0.1301 and carries a CVSS 3.1 base score of 9.8.
An unauthenticated attacker with network access can exploit the issue to bypass authentication controls entirely, resulting in full compromise of confidentiality, integrity, and availability on the affected firewall appliance.
Official advisories addressing the vulnerability have been published by Turkish government security organizations and are available at the referenced USOM and Siberguvenlik URLs. The EPSS score has remained flat at 0.0326 with no material increase observed after disclosure.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-8639
Vulnerability details
Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass. This issue affects Antikor Next Generation Firewall (NGFW): from v.2.0.1298 before v.2.0.1301.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Missing authentication on a critical function of a public-facing NGFW directly enables remote exploitation of the management interface without credentials, matching T1190 for initial access and full device compromise.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly enforces approved authorizations on critical functions, blocking the authentication-bypass path described in CVE-2026-2624.
Mandates identification and authentication of users before any access to the firewall's management or data-plane functions, eliminating the missing-authentication condition.
Requires services and devices to mutually authenticate, addressing the unauthenticated network access vector that leads to full compromise of the NGFW.