| TVN ID | TVN-202603003 |
|---|---|
| CVE ID | CVE-2026-3822 |
| CVSS | 6.5 (Medium) CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N |
| Affected Products | Taipower APP version 3.4.4 and earlier |
| Description | Taipower APP developed by Taipower has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows an unauthenticated remote attackers to exploit the vulnerability to perform a Man-in-the-Middle (MITM) attack to read and tamper with network packets. |
| Solution | Please update to version 3.4.5 or later. |
| Credit | Kazuma Matsumoto(GMO Cybersecurity by IERAE, Inc.) |
| Public Date | 2026-03-09 |
:::