THREAT OPS › Threat News › StoneFly Storage Concentrator
StoneFly Storage Concentrator
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-181-06.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow attackers to gain broad unauthorized access, execute arbitrary commands with root privileges, steal sensitive data, and perform actions on behalf of legitimate users across
MITRE ATT&CK techniques
Indicators of compromise
- CVE-2026-56415cve
- CVE-2026-55721cve
- CVE-2026-50040cve
- CVE-2026-50110cve
- CVE-2026-56413cve
- https://www.cve.org/CVERecord?id=CVE-2026-50110url
- https://stonefly.com/contact-us/url
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:Lurl
- https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:Lurl
- https://www.cve.org/CVERecord?id=CVE-2026-56413url
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:Hurl
- https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:Lurl
- https://www.cve.org/CVERecord?id=CVE-2026-56415url
- https://www.cve.org/CVERecord?id=CVE-2026-55721url
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:Nurl
- https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:Nurl
- https://www.cve.org/CVERecord?id=CVE-2026-50040url
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:Nurl
- https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:N/SA:Nurl
- 8.0.4.22ipv4
- 8.0.4.26ipv4
- 8.0.4.29ipv4
Original source: https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-06