A Path Traversal vulnerability (CVE-2026-8464) has been found in Golem OEE MES software.
Analysis Summary
# Vulnerability: Unauthenticated Path Traversal in Neuron Soft Golem OEE MES
## CVE Details
- **CVE ID:** CVE-2026-8464
- **CVSS Score:** Not explicitly provided in the source (Typically High for unauthenticated Path Traversal)
- **CWE:** CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
## Affected Systems
- **Products:** Neuron Soft Golem OEE MES (Manufacturing Execution System)
- **Versions:** All versions prior to 11.6.0
- **Configurations:** Systems accessible via the local network.
## Vulnerability Description
Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. The vulnerability exists because the software fails to properly sanitize user-supplied input used in HTTP request paths. An attacker can leverage this flaw by using special sequences (such as `../`) to escape the intended web root directory and access sensitive files on the server's underlying operating system.
## Exploitation
- **Status:** Reported via coordinated disclosure; no mention of active exploitation in the wild.
- **Complexity:** Low
- **Attack Vector:** Network (restricted to attackers on the same local network as the MES host).
## Impact
- **Confidentiality:** High (Ability to read arbitrary files from the server OS, including configuration files or credentials).
- **Integrity:** None reported.
- **Availability:** None reported.
## Remediation
### Patches
- **Update to version 11.6.0** or later. Neuron Soft has released this version specifically to address CVE-2026-8464.
### Workarounds
- **Network Segmentation:** Ensure that the Golem OEE MES interface is not accessible from untrusted networks or the public internet.
- **Access Control:** Restrict local network access to the software to only authorized workstations and users.
## Detection
- **Indicators of Compromise:** Unusual HTTP GET requests containing directory traversal patterns (e.g., `%2e%2e%2f`, `..\`, or `../../`) in web server logs.
- **Detection Methods:** Vulnerability scanners and Intrusion Detection Systems (IDS) can be configured to alert on common Path Traversal payloads targeting the MES application.
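The following is an added detection example, not part of the advisory or of the vendor's software: it scans web-server access-log lines for the traversal patterns listed above, percent-decoding repeatedly so that double-encoded sequences are caught, and it matches on a real `..` path segment rather than a raw substring so that filenames merely containing `..` are not flagged. The log lines, IP addresses and paths are constructed sample data.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Combined Log Format) used only to
# exercise the detector; hosts, paths and timestamps are assumptions.
SAMPLE_LOG = """\
10.0.5.21 - - [02/Jun/2026:08:14:02 +0000] "GET /golem/index.html HTTP/1.1" 200 5123
10.0.5.77 - - [02/Jun/2026:08:14:09 +0000] "GET /golem/static/../../../../etc/passwd HTTP/1.1" 200 1842
10.0.5.77 - - [02/Jun/2026:08:14:11 +0000] "GET /golem/static/%2e%2e%2f%2e%2e%2fwindows/win.ini HTTP/1.1" 200 403
10.0.5.77 - - [02/Jun/2026:08:14:15 +0000] "GET /golem/static/%252e%252e%255cconfig.xml HTTP/1.1" 404 210
10.0.5.21 - - [02/Jun/2026:08:15:00 +0000] "GET /golem/reports/2026..06.pdf HTTP/1.1" 200 99812
"""

# Minimal Combined Log Format parser: client IP, timestamp, method, path, status.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def decode_path(path: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded forms such as %252e are exposed."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def is_traversal(path: str) -> bool:
    """True when some path segment, after decoding and backslash normalisation, is '..'."""
    normalised = decode_path(path).replace("\\", "/")
    return any(segment == ".." for segment in normalised.split("/"))


def find_traversal_requests(log_text: str) -> list[dict]:
    """Return one record per request whose path contains a traversal segment."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if match and is_traversal(match["path"]):
            hits.append({"ip": match["ip"], "path": match["path"],
                         "status": int(match["status"])})
    return hits


if __name__ == "__main__":
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(hit)
```

Requests that were answered with a 200 status deserve the closest look, since on an unpatched version they may have returned file contents.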
## References
- **Vendor:** Neuron Soft
- **Advisory:** hxxps[://]cert[.]pl/en/posts/2026/06/vulnerability-in-golem-oee-mes-software/
- **CVE Record:** hxxps[://]www[.]cve[.]org/CVERecord?id=CVE-2026-8464