Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of surveillance data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Iptime
  • Smart Firmware
Tattile
  • Anpr Mobile
  • Anpr Mobile Firmware
  • Axle Counter
  • Axle Counter Firmware
  • Basic Mk2
  • Basic Mk2 Firmware
  • Smart+
  • Smart+ Speed
  • Smart+ Traffic Light
  • Smart\+
  • Smart\+ Firmware
  • Smart\+ Speed
  • Smart\+ Speed Firmware
  • Smart\+ Traffic Light
  • Smart\+ Traffic Light Firmware
  • Tolling+
  • Tolling\+
  • Tolling\+ Firmware
  • Vega11
  • Vega11 Firmware
  • Vega33
  • Vega33 Firmware
  • Vega53
  • Vega53 Firmware

Configuration 1 [-]

AND
cpe:2.3:o:tattile:smart\+_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:smart\+:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:tattile:tolling\+_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:tolling\+:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:tattile:smart\+_speed_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:smart\+_speed:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:tattile:smart\+_traffic_light_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:smart\+_traffic_light:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:tattile:axle_counter_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:axle_counter:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:tattile:vega53_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:vega53:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:tattile:vega33_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:vega33:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:tattile:vega11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:vega11:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:tattile:basic_mk2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:basic_mk2:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:tattile:anpr_mobile_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tattile:anpr_mobile:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://www.tattile.com/ cve-icon cve-icon
https://www.vulncheck.com/advisories/tattile-smart-vega-basic-unauthenticated-rtsp-stream-disclosure cve-icon cve-icon
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5978.php cve-icon cve-icon
History

Thu, 05 Mar 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Iptime
Iptime smart Firmware
CPEs cpe:2.3:o:iptime:smart_firmware:*:*:*:*:*:*:*:*
Vendors & Products Iptime
Iptime smart Firmware

Thu, 26 Feb 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Tattile anpr Mobile Firmware
Tattile axle Counter Firmware
Tattile basic Mk2 Firmware
Tattile smart\+
Tattile smart\+ Firmware
Tattile smart\+ Speed
Tattile smart\+ Speed Firmware
Tattile smart\+ Traffic Light
Tattile smart\+ Traffic Light Firmware
Tattile tolling\+
Tattile tolling\+ Firmware
Tattile vega11 Firmware
Tattile vega33 Firmware
Tattile vega53 Firmware
CPEs cpe:2.3:h:tattile:anpr_mobile:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:axle_counter:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:basic_mk2:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:smart\+:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:smart\+_speed:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:smart\+_traffic_light:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:tolling\+:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:vega11:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:vega33:-:*:*:*:*:*:*:*
cpe:2.3:h:tattile:vega53:-:*:*:*:*:*:*:*
cpe:2.3:o:tattile:anpr_mobile_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:axle_counter_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:basic_mk2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:smart\+_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:smart\+_speed_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:smart\+_traffic_light_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:tolling\+_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:vega11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:vega33_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tattile:vega53_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tattile anpr Mobile Firmware
Tattile axle Counter Firmware
Tattile basic Mk2 Firmware
Tattile smart\+
Tattile smart\+ Firmware
Tattile smart\+ Speed
Tattile smart\+ Speed Firmware
Tattile smart\+ Traffic Light
Tattile smart\+ Traffic Light Firmware
Tattile tolling\+
Tattile tolling\+ Firmware
Tattile vega11 Firmware
Tattile vega33 Firmware
Tattile vega53 Firmware
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Wed, 25 Feb 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Tattile
Tattile anpr Mobile
Tattile axle Counter
Tattile basic Mk2
Tattile smart+
Tattile smart+ Speed
Tattile smart+ Traffic Light
Tattile tolling+
Tattile vega11
Tattile vega33
Tattile vega53
Vendors & Products Tattile
Tattile anpr Mobile
Tattile axle Counter
Tattile basic Mk2
Tattile smart+
Tattile smart+ Speed
Tattile smart+ Traffic Light
Tattile tolling+
Tattile vega11
Tattile vega33
Tattile vega53

Tue, 24 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Feb 2026 19:30:00 +0000

Type Values Removed Values Added
Description Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior expose RTSP streams without requiring authentication. A remote attacker can connect to the RTSP service and access live video/audio streams without valid credentials, resulting in unauthorized disclosure of surveillance data.
Title Tattile Smart+ / Vega / Basic <= 1.181.5 Unauthenticated RTSP Stream Disclosure
Weaknesses CWE-306
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2026-02-24T18:40:35.393Z

Updated: 2026-03-05T01:31:05.967Z

Reserved: 2026-02-13T17:28:43.053Z

Link: CVE-2026-26340

cve-icon Vulnrichment

Updated: 2026-02-24T21:34:01.926Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-24T20:27:47.793

Modified: 2026-02-26T17:38:44.440

Link: CVE-2026-26340

cve-icon Redhat

No data.