Critical Command Injection Vulnerability in Storage Concentrator (CVE-2026-56413)
A critical vulnerability, CVE-2026-56413, has been identified in Storage Concentrator (SC & SCVM) appliances. The ms_service.pl service, which listens on TCP port 9000, processes custom network packets without adequate input sanitization, enabling unauthenticated remote attackers to inject and execute arbitrary commands with root-level privileges. This flaw poses a severe risk, as exploitation could lead to full system compromise, data exfiltration, or denial-of-service. All versions of Storage Concentrator appliances are affected. Immediate remediation is required. Affected organizations should apply vendor-released patches, disable unnecessary services, and implement network segmentation to restrict access to port 9000. Monitoring for anomalous traffic patterns targeting this port is strongly advised. Due to the vulnerability’s CVSS score of 10.0 and potential for remote code execution, this issue is classified as critical. Users are urged to prioritize mitigation to prevent exploitation.