CVE-2026-0849: Pharos Controls Mosaic Show Controller

CVSSawaiting NVD

ExploitationNo exploitation reported

Triage statusUnder Review

ActionSchedule for next cycle

Affected product

Pharos Controls Mosaic Show Controller

Remediation Steps

Verify all Pharos Mosaic Show Controller installations in use
Apply Pharos security firmware update patching unauthenticated command execution
Isolate Mosaic controllers on separate VLAN with restricted network access
Change default credentials and implement strong authentication mechanisms
Monitor Mosaic controller logs for unusual command execution activities

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-083-01.json
https://www.pharoscontrols.com/support
https://nvd.nist.gov/vuln/detail/CVE-2026-0849

Coverage on defend.network

Vulnerability Priority Report – Week 5 of March 2026 (March 30 – April 5)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts