CVE-2026-11849
Description
Hardcoded credentials in IEI iRM-IEI Remote Management allow unauthenticated remote attackers to gain admin database access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The iRM-IEI Remote Management software by IEI Integration Corp contains credentials hardcoded in its codebase. This vulnerability affects the iRM-TSi410X product line in versions prior to v1.4.19 [1][2]. An unauthenticated remote attacker can leverage these static credentials to authenticate to the underlying database with administrative privileges.
Exploitation
An attacker needs only network access to the affected iRM-IEI Remote Management instance; no prior authentication or user interaction is required. By identifying the hardcoded credentials (e.g., through reverse engineering or public disclosure), the attacker can directly connect to the database service using those credentials, bypassing normal authentication mechanisms [1][2].
Impact
Successful exploitation grants the attacker full administrative control over the database. This leads to a complete compromise of confidentiality, integrity, and availability of the database contents, including potential data exfiltration, modification, or deletion. The CVSS v3 base score of 9.8 (Critical) reflects the severe impact on all three security objectives [2].
Mitigation
IEI Integration Corp has released a fix in iRM TSi410X version v1.4.19 and later [1][2]. Users should update to this version or newer immediately. No workarounds are documented in the available references. As of the publication date, this vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on Jun 12, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References: 2
News mentions: 0
No linked articles in our index yet.