Cyber Security News

Critical Vulnerability in Welker OdorEyes EcoSystem Pulse Bypass System

Cyware
Critical Vulnerability in Welker OdorEyes EcoSystem Pulse Bypass System

A missing-authentication vulnerability (CVE-2026-24790) in Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller could allow unauthorized actions that result in over- or under-odorization events. CISA rates this issue CVSS v3 8.2 and recommends isolating control networks, minimizing internet exposure, using updated VPNs and firewalls, and following ICS defense-in-depth guidance to mitigate risk; no public exploitation has been reported. #WelkerOdorEyes #CVE-2026-24790

Keypoints

  • The vulnerability affects Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller (CVE-2026-24790).
  • The issue is classified as Missing Authentication for Critical Function with a CVSS v3 score of 8.2.
  • Successful exploitation could cause over- or under-odorization, impacting safety and operations.
  • Critical infrastructure sectors at risk include Chemical, Critical Manufacturing, Energy, and Food and Agriculture.
  • CISA advises minimizing network exposure, isolating control systems behind firewalls, using updated VPNs, and following ICS best practices.

Read More: https://www.cisa.gov/news-events/ics-advisories/icsa-26-050-04