CVE-2026-44611

MEDIUM

Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks.

CVSS v3.1 Score

5.4
MEDIUM
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
Attack Vector
ADJACENT_NETWORK
Complexity
HIGH
Privileges
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
NONE
Published: 5/29/2026Modified: 6/1/2026

Related Intelligence (1)

CRITICALVulnerability

MacGregor Voyage Data Recorder (VDR) G4e

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-148-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could result in an attacker gaining administrator access to the device.</strong></p> <p>The following versions of MacGregor Voyage Data Recorder (VDR) G4e are affected:</p> <ul> <li>Mac

CVE-2026-42941CVE-2026-42951
CISA Advisories

References (3)

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-148-01.jsonhttps://www.cisa.gov/news-events/ics-advisories/icsa-26-148-01https://www.danelec.com/contact