A severe vulnerability (USR-W610) affecting industrial serial-to-ethernet converters has been identified, allowing attackers to remotely compromise critical connectivity devices. This flaw, tracked as CVE-2026-7786, has a CVSS score of 9.8, indicating high severity due to hardcoded administrative credentials in the device's software. The vulnerability enables unauthorized access, allowing attackers to intercept or modify data and potentially pivot into local networks.
Despite the urgency, the manufacturer has not responded to concerns from cybersecurity agencies, leaving local teams to implement mitigation strategies, such as disabling exposed management interfaces and applying strict access controls.