Vulnerable Assets Library

A searchable database of maritime OT equipment with known vulnerabilities — covering navigation systems, engine automation, power management, and vessel control CBS from major marine vendors. Search by vendor, product family, or CVE ID to check whether equipment on your vessel has documented vulnerabilities requiring attention or patch management action.

Searchable by vendor CVE referenced Marine OT vendors Continuously updated

Audit Level: Tactical

Records optimised: 30.06.2026 17:00 UTC

CVE-2026-20220 — Cisco: Cisco Crosswork Network Change Automation

Published: 2026-06-17 | Updated: 2026-06-17

MEDIUM 6.3

A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to insufficient input validation in the configuration template engine of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system in limited areas of the file system. This vulnerability affects only areas of the operating system for which the template user has write permissions. To exploit this vulnerability, the attacker must have valid template user credentials with write permissions. Template users with read permissions cannot exploit this vulnerability.

CVSS VECTOR: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

NVD Record ↗ | Vendor Advisory / Fix ↗

← Back to full Vulnerable Assets Library

Get new CVE entries like these in your inbox weekly. Subscribe →

Disclaimer & Methodology

The Marine OT Vulnerable Assets Library is a curated repository of security advisories identified through automated heuristic filtering. Users should verify hardware revisions with manufacturers before patching.