Report an incident
Back
  • About us
  • For experts
Report an incident
About us
About our team Contact
Baza wiedzy
Fałszywe inwestycje Uważaj na fałszywe sklepy online (Nie)bezpieczne płatności Fałszywi konsultanci Zadbaj o bezpieczne hasła i logowanie Fałszywe załączniki w mailach Fałszywe prośby o szybki przelew Fałszywe SMSy - plaga ostatnich miesięcy Bezpieczny telefon
Biuletyn OUCH!
Porady bezpieczeństwa OUCH!
Tools
n6 Artemis MWDB
CVD program
CVD policy Advisories

Vulnerability in KS-SOMED software
01 June 2026 | CERT Polska | #vulnerability, #warning, #cve
CVE ID CVE-2026-42251
Publication date 01 June 2026
Vendor KAMSOFT
Product KS-SOMED
Vulnerable versions KS-SOMED with modules:
KSPLUPDFTP.exe all through 30.00.00.056
ANEKSKLIENT.EXE all through 29.00.02.026
Vulnerability type (CWE) Use of Hard-coded Credentials (CWE-798)
Report source Report to CERT Polska

Description

CERT Polska has received a report about vulnerability in KAMSOFT KS-SOMED software and participated in coordination of its disclosure.

The vulnerability CVE-2026-42251: Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a legitimate update.

This issue affects KS-SOMED with modules: KSPLUPDFTP.exe up to 30.00.00.056 and ANEKSKLIENT.EXE up to 29.00.02.026

Beside removing the hard-coded credentials from the code and changing the update process, access granted by previously exposed credentials was limited to read-only.

Credits

We thank Wojciech Giełda for the responsible vulnerability report.

More about the coordinated vulnerability disclosure process at CERT Polska can be found at https://cert.pl/en/cvd/.