The encryption algorithm used to protect the configuration of user accounts, stored in the built-in user directory of PcVue projects, all versions prior to 17.0.0, is not strong enough for the level of protection required. A local attacker could alter the existing configuration and ultimately gain privileged access to the PcVue application.
References
History

Tue, 07 Jul 2026 12:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 07 Jul 2026 10:15:00 +0000

Type Values Removed Values Added
Description The encryption algorithm used to protect the configuration of user accounts, stored in the built-in user directory of PcVue projects, all versions prior to 17.0.0, is not strong enough for the level of protection required. A local attacker could alter the existing configuration and ultimately gain privileged access to the PcVue application.
Title Weak encryption mechanism for User directory
First Time appeared Arcinfo
Arcinfo pcvue
Weaknesses CWE-326
CPEs cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*
Vendors & Products Arcinfo
Arcinfo pcvue
References
Metrics cvssV4_0

{'score': 8.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/R:U/RE:M/U:Amber'}


cve-icon MITRE

Status: PUBLISHED

Assigner: arcinfo

Published:

Updated: 2026-07-07T12:07:31.124Z

Reserved: 2026-07-06T13:45:32.651Z

Link: CVE-2026-14868

cve-icon Vulnrichment

Updated: 2026-07-07T12:07:17.632Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-07T12:00:07Z