Hubbell Aclara Metrum Cellular Web Interface

HIGH

CVSS 7.5

Date 2026-06-23T06:00:00+00:00

Source cisa-csaf

Published by CISA

// Description

Successful exploitation of this vulnerability could allow attackers to manipulate critical device settings and repeatedly disrupt operations, potentially causing a loss of communications to the device.

// Vulnerabilities (1)

CVE ID	CVSS Score	Severity	Description
CVE-2026-1840	7.5	high	The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration settings, allowing attackers to alter operational parameters and trigger system restarts without restriction. Such unauthorized changes can disrupt normal functionality and, if performed repeatedly, may lead to a loss of communications to the device.

// Remediations (1)

Mitigation: Hubbell encourages users to update their firmware to v2.1.0.105 in order to minimize network exposur

Hubbell encourages users to update their firmware to v2.1.0.105 in order to minimize network exposure and ensure that devices are not accessible from the Internet. Users can download version 2.1.0.105 from AclaraConnect https://aclara.my.site.com/AclaraConnect/s/.

Hubbell Aclara Metrum Cellular Web Interface

// Description

// Vulnerabilities (1)

// Remediations (1)

// References