216.73.217.64

CVE-2026-0611

· Published 02/06/2026 17:16 · Modified 02/06/2026 20:16

Labels: CVE-2026-0611 2026-06-02CVE-2026-0611CWE-306[email protected]

Essential information

Published
02/06/2026 17:16
Modified
02/06/2026 20:16
Author
Creator
CVSS
9.2 CRITICAL (v3) 9.2 CRITICAL (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Spacelabs Healthcare Sentinel versions 10.5.x and higher and 11.x.x before 11.6.0 contain an unauthenticated remote code execution vulnerability through a deprecated .NET Remoting HTTP channel exposed on port 8989 that allows attackers to perform arbitrary file read and write operations by supplying valid .NET URI endpoints. Attackers can write ASPX webshells to the IIS wwwroot directory to achieve unauthenticated remote code execution on the system. Port 8989 is not exposed in a default Sentinel installation; exploitation requires that the .NET Remoting port has been explicitly made network-accessible through deliberate configuration or network policy changes.

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
spacelabs healthcare / sentinel cpe:2.3:a:spacelabs_healthcare:sentinel:10.5.*:*:*:*:*:*:*:*
spacelabs healthcare / sentinel cpe:2.3:a:spacelabs_healthcare:sentinel:11.*.*:*:*:*:*:*:*:*

References