← Back to home
ICSA-26-050-01  ·  Published 2026-02-19  ·  View on CISA ICS-CERT ↗

EnOcean SmartServer IoT

CVSS 8.1 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and bypass ASLR.

CVEs (2)

Remediations

  • EnOcean recommends users update the SmartServer platform software to SmartServer 4.6 Update 2 (v4.60.023) or a later release at https://enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes#Current-Stable-Release.
  • For additional mitigations and workarounds, refer to EnOcean's hardening guide at https://enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security.

Affected Vendors

EnOcean Edge Inc

Affected Products (1)

EnOcean Edge Inc · SmartServer IoT <=4.60.009

Affected Sectors

Information Technology

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more