Medium severity5.3NVD Advisory· Published May 20, 2026· Updated Jun 16, 2026
CVE-2026-4293
CVE-2026-4293
Description
The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
1- Kieback & Peter DDC Building ControllersCISA ICS Advisories