Cyber Resilience

CVE-2026-27521

Severity: Medium · Public PoC referenced

Published: 24 February 2026
Modified: 02 March 2026
CISA KEV: not listed
CVSS v4.0 base score: 6.9 (Medium)
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS score: 0.0005 (15.1th percentile)
Risk Priority: 14 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-27521 is a medium-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in the Binardat 10G08-0800GSM network switch firmware. Its CVSS v4.0 base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Password Guessing (T1110.001). The CVE ranks at the 15.1th percentile by EPSS exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-7 (Unsuccessful Logon Attempts) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-27521 affects the Binardat 10G08-0800GSM network switch firmware, version V300SP10260209 and prior. The firmware applies neither rate limiting nor account lockout to failed login attempts, so an attacker can submit an unlimited number of guesses against user credentials at the cost of one request per guess. Published on 2026-02-24, the issue maps to CWE-307 (Improper Restriction of Excessive Authentication Attempts). In addition to the CVSS v4.0 base score of 6.9, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

An attacker with network reach to the switch's management interface can exploit this remotely, with no privileges and no user interaction: because repeated authentication attempts are never throttled or locked out, a dictionary or credential-stuffing run against the management login eventually yields a valid credential. The v3.1 vector rates the confidentiality impact as high, reflecting the exposure of sensitive device data once the management interface is reached.

The VulnCheck advisory at https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-missing-login-rate-limiting describes the vulnerability, and the Binardat product page at https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch describes the affected hardware.

Vulnerability details

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials.

CWE(s)

CWE-307 Improper Restriction of Excessive Authentication Attempts

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assisted mapping)

T1110.001 Password Guessing (Credential Access)
Adversaries with no prior knowledge of legitimate credentials within the system or environment may guess passwords to attempt access to accounts.
Why these techniques?

Missing rate limiting/lockout directly enables online password guessing (T1110.001) against the exposed management interface to obtain valid credentials.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1
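Until the firmware is patched, the practical counterpart to this mapping is detection: a switch that never locks an account still emits one failed-login event per guess, and those events cluster by source address. The following is an added example (not code from this page, from VulnCheck, or from Binardat) of the detection logic run over constructed log lines. The line format, the hostname `switch01`, and the `web-login:` event name are assumptions for the demo, not the switch's real syslog format; adapt `LINE_RE` to whatever the device actually sends.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timezone

# Constructed sample log (format assumed for the demo, not the switch's real syslog).
# 198.51.100.7 hammers the admin account and finally succeeds; 203.0.113.9 is an
# operator who mistypes once and then logs in normally.
SAMPLE_LOG = """\
2026-02-25T10:00:00Z switch01 link: port 3 up
2026-02-25T10:00:01Z switch01 web-login: user=admin src=198.51.100.7 result=FAIL
2026-02-25T10:00:03Z switch01 web-login: user=admin src=198.51.100.7 result=FAIL
2026-02-25T10:00:05Z switch01 web-login: user=admin src=198.51.100.7 result=FAIL
2026-02-25T10:00:07Z switch01 web-login: user=admin src=198.51.100.7 result=FAIL
2026-02-25T10:00:09Z switch01 web-login: user=admin src=198.51.100.7 result=FAIL
2026-02-25T10:00:11Z switch01 web-login: user=admin src=198.51.100.7 result=FAIL
2026-02-25T10:00:13Z switch01 web-login: user=admin src=198.51.100.7 result=FAIL
2026-02-25T10:00:15Z switch01 web-login: user=admin src=198.51.100.7 result=SUCCESS
2026-02-25T10:00:20Z switch01 web-login: user=admin src=203.0.113.9 result=FAIL
2026-02-25T10:00:30Z switch01 web-login: user=admin src=203.0.113.9 result=SUCCESS
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ web-login: user=(?P<user>\S+) src=(?P<src>\S+) result=(?P<result>\w+)$"
)


def parse_line(line):
    """Return (epoch_seconds, user, src, result) for a login line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return ts.timestamp(), m["user"], m["src"], m["result"]


def detect_password_guessing(lines, threshold=5, window_seconds=60):
    """Sliding-window failure counter per source address.

    Emits ("password-guessing", src, user, n) the first time a source reaches
    `threshold` failures within `window_seconds`, and ("success-after-guessing",
    src, user, n) when an already-flagged source then logs in. On a device with no
    lockout, that second alert is the signature of a brute-force that found a credential.
    """
    failures = defaultdict(deque)   # src -> timestamps of recent FAIL results
    flagged = set()
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # not a login event
        ts, user, src, result = rec
        window = failures[src]
        while window and ts - window[0] > window_seconds:
            window.popleft()  # expire failures that fell out of the window
        if result == "FAIL":
            window.append(ts)
            if len(window) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append(("password-guessing", src, user, len(window)))
        elif result == "SUCCESS" and src in flagged:
            alerts.append(("success-after-guessing", src, user, len(window)))
    return alerts


if __name__ == "__main__":
    for alert in detect_password_guessing(SAMPLE_LOG.splitlines()):
        print(alert)
```

Keying on the source address rather than the username is deliberate: on a switch with one or two accounts every attempt targets `admin` anyway, so the per-user count would also fire on an operator's typos. The `success-after-guessing` alert is the one to page on; the plain `password-guessing` alert is the one to feed into a block list in front of the management network.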

CVEs Like This One

CVE-2026-27519 · Same product: Binardat 10G08-0800GSM
CVE-2026-27520 · Same product: Binardat 10G08-0800GSM
CVE-2026-27516 · Same product: Binardat 10G08-0800GSM
CVE-2026-23678 · Same product: Binardat 10G08-0800GSM
CVE-2026-27507 · Same product: Binardat 10G08-0800GSM
CVE-2026-27515 · Same product: Binardat 10G08-0800GSM
CVE-2025-36363 · Shared CWE-307
CVE-2024-9342 · Shared CWE-307
CVE-2026-32292 · Shared CWE-307
CVE-2026-24436 · Shared CWE-307

Affected Assets

binardat 10g08-0800gsm firmware, versions ≤ V300SP10260209

Mitigating Controls (NIST 800-53 r5, AI-assisted mapping)

AC-7 Unsuccessful Logon Attempts · prevent

Directly requires limiting consecutive unsuccessful logon attempts and enforcing account lockout or access delays, which is precisely the control missing from the switch firmware. On a device with a single administrative account, a pure per-account lockout also hands an attacker an easy denial of service against the administrator, so lockout is best paired with per-source throttling or increasing delays.

SI-2 Flaw Remediation · prevent

Mandates identification, reporting and timely correction of system flaws, in this case applying a vendor firmware update that adds protections against brute-force authentication attempts once one is available.

SC-5 Denial-of-Service Protection · prevent

Provides denial-of-service protections that can blunt brute-force login floods by limiting authentication request rates at the network or system level, for example in front of the management interface.
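To make the defect in the deeper analysis and the AC-7 requirement concrete, the following is an added example (not code from this page, from VulnCheck, or from Binardat, whose login implementation is not described here). `VulnerableAuth` evaluates every attempt exactly as CWE-307 describes; `HardenedAuth` wraps the same check in a lockout policy. The account name, the wordlist, the failure threshold, and the lockout window are assumptions chosen for the demo; the `brute_force` function plays the T1110.001 attacker.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict
from dataclasses import dataclass


def _hash_password(password, salt):
    # PBKDF2 protects the stored credential against offline cracking; it does nothing
    # against online guessing, which is the whole point of this CVE.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


class VulnerableAuth:
    """Login check with the CWE-307 defect: every attempt is evaluated, nothing is
    counted, delayed or locked, so the attacker's cost is one request per guess."""

    def __init__(self, users):
        self._users = {}
        for user, password in users.items():
            salt = os.urandom(16)
            self._users[user] = (salt, _hash_password(password, salt))

    def login(self, user, password):
        record = self._users.get(user)
        if record is None:
            return False
        salt, digest = record
        return hmac.compare_digest(digest, _hash_password(password, salt))


@dataclass
class _Attempts:
    failures: int = 0
    locked_until: float = 0.0


class HardenedAuth(VulnerableAuth):
    """Same check behind an AC-7 style policy: `max_failures` consecutive failures on a
    username lock it for `lockout_seconds`, and while locked the password is not even
    evaluated. Unknown usernames are tracked too, so enumeration is not cheaper."""

    def __init__(self, users, max_failures=5, lockout_seconds=900, clock=time.monotonic):
        super().__init__(users)
        self.max_failures = max_failures
        self.lockout_seconds = lockout_seconds
        self._clock = clock  # injectable so the lockout window can be tested without sleeping
        self._attempts = defaultdict(_Attempts)

    def is_locked(self, user):
        return self._clock() < self._attempts[user].locked_until

    def login(self, user, password):
        state = self._attempts[user]
        now = self._clock()
        if now < state.locked_until:
            return False  # rejected before the password is looked at
        if super().login(user, password):
            state.failures = 0
            return True
        state.failures += 1
        if state.failures >= self.max_failures:
            state.locked_until = now + self.lockout_seconds
            state.failures = 0
        return False


# Constructed wordlist for the demo; the demo account's password is the 6th guess.
WORDLIST = ["admin", "password", "123456", "switch", "letmein", "Admin123", "qwerty", "binardat"]


def brute_force(auth, user, wordlist):
    """Online password guessing (T1110.001): returns (found_password, attempts_used)."""
    for attempts, guess in enumerate(wordlist, start=1):
        if auth.login(user, guess):
            return guess, attempts
    return None, len(wordlist)


class FakeClock:
    """Manually advanced clock so lockout expiry is deterministic."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


def demo():
    users = {"admin": "Admin123"}  # constructed weak credential for the demo
    unthrottled = brute_force(VulnerableAuth(users), "admin", WORDLIST)
    clock = FakeClock()
    hardened = HardenedAuth(users, max_failures=5, lockout_seconds=900, clock=clock)
    throttled = brute_force(hardened, "admin", WORDLIST)   # locks after guess 5, so guess 6 is refused
    locked_out = hardened.is_locked("admin")
    clock.now += 901  # lockout expires; the legitimate owner can log in again
    recovered = hardened.login("admin", "Admin123")
    return unthrottled, throttled, locked_out, recovered


if __name__ == "__main__":
    print(demo())
```

The same wordlist that recovers the password on the sixth request against `VulnerableAuth` fails outright against `HardenedAuth`, because the correct guess arrives inside the lockout window and is never evaluated. The trade-off noted under AC-7 is visible in the code as well: whoever can reach the login page can keep `admin` locked by sending five bad passwords every fifteen minutes, which is why a production policy keys a second counter on the source address and why, for the actual switch, the durable fix remains the vendor update plus keeping the management interface off networks an attacker can reach.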

References

https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-missing-login-rate-limiting
https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch