High severityNVD Advisory· Published Apr 16, 2026· Updated Apr 17, 2026
CVE-2026-2336
CVE-2026-2336
Description
A privilege escalation vulnerability in Microchip IStaX allows an authenticated low-privileged user to recover a shared per-device cookie secret from their own webstax_auth session cookie and forge a new cookie with administrative privileges.This issue affects IStaX before 2026.03.
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.