CVE-2026-1364
📋 TL;DR
CVE-2026-1364 is a critical missing authentication vulnerability in IAQS and I6 systems developed by JNC. Unauthenticated remote attackers can directly access administrative functionalities without credentials. This affects all deployments of these systems that haven't implemented proper authentication controls.
💻 Affected Systems
- IAQS
- I6
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise allowing attackers to reconfigure systems, steal sensitive data, deploy ransomware, or use systems as attack launch points.
Likely Case
Unauthorized administrative access leading to configuration changes, data exfiltration, or service disruption.
If Mitigated
Limited impact if systems are behind strict network controls with proper segmentation and monitoring.
🎯 Exploit Status
Direct access to administrative interfaces without authentication makes exploitation trivial.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific patched versions
Vendor Advisory: https://www.twcert.org.tw/en/cp-139-10653-117a1-2.html
Restart Required: Yes
Instructions:
1. Contact JNC vendor for patched firmware
2. Backup current configuration
3. Apply firmware update following vendor instructions
4. Restart system
5. Verify authentication is required for administrative access
🔧 Temporary Workarounds
Network Segmentation
allIsolate affected systems behind firewalls with strict access controls
Access Control Lists
allImplement IP-based restrictions to limit administrative access
🧯 If You Can't Patch
- Immediately isolate systems from internet and untrusted networks
- Implement strict network monitoring and anomaly detection
🔍 How to Verify
Check if Vulnerable:
Attempt to access administrative interface without authentication - if accessible, system is vulnerableCheck Version:
Check system firmware version via vendor-specific commandsVerify Fix Applied:
Verify authentication is required for all administrative functions after patch📡 Detection & Monitoring
Log Indicators:
- Unauthenticated administrative access attempts
- Configuration changes from unexpected sources
- Multiple failed authentication attempts followed by successful access
Network Indicators:
- Direct administrative protocol traffic from unauthorized IPs
- Unusual administrative interface access patterns
SIEM Query:
source_ip NOT IN authorized_admin_ips AND destination_port IN [admin_ports] AND action='successful_login'