CVE-2026-24346: CWE-798 Use of Hard-coded Credentials in EZCast EZCast Pro II
Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application
AI Analysis
Technical Summary
CVE-2026-24346 affects the EZCast Pro II device, specifically version 1.17478.146, whose Admin UI is protected by hard-coded, well-known default credentials. The issue is classified as CWE-798, which concerns hard-coded credentials that users cannot change. An attacker with network access to the device can log in with the known credentials and gain administrative access to the web application interface. That access can be used to manipulate device settings, intercept or alter data streams, or pivot to other network resources. The vulnerability has a CVSS 4.0 score of 7.6 (high severity), reflecting an adjacent-network attack vector (AV:A), no required privileges or user interaction, and high impact on confidentiality and integrity. No public exploits are currently known, but default credentials are a well-understood and easily exploitable weakness. The vulnerability was published on January 27, 2026, and assigned by NCSC.ch. No patches or updates were available at the time of publication, which increases the urgency of compensating controls. The affected product is commonly used in enterprise environments for wireless presentation and collaboration, making it a potential target for attackers seeking to disrupt meetings or gain footholds in corporate networks.
Potential Impact
For European organizations, this vulnerability poses a significant risk to the confidentiality and integrity of information handled via EZCast Pro II devices. Unauthorized administrative access could lead to interception or manipulation of sensitive presentations, intellectual property leakage, or disruption of collaborative workflows. In environments such as corporate boardrooms, educational institutions, or government facilities, compromised devices could serve as entry points for lateral movement within internal networks. Exploitation could also undermine trust in digital collaboration tools and lead to reputational damage. Because the device is typically deployed in conference rooms and meeting spaces, the availability impact is less direct, but it could occur if attackers disable or misconfigure devices. The risk is heightened in organizations that do not segment their networks or that expose these devices to broader internal or adjacent networks. Additionally, because the credentials are well known, authentication is not an effective barrier, which increases the likelihood of automated scanning and exploitation attempts once the vulnerability becomes widely known.
Mitigation Recommendations
- Immediately identify all EZCast Pro II devices running the affected version 1.17478.146 within the network.
- Since no patches are currently available, the primary mitigation is to change default credentials to strong, unique passwords if the device allows it; if not, consider isolating the device on a segmented network with strict access controls.
- Use network segmentation to restrict access to the device's management interface to authorized personnel only.
- Implement monitoring and logging of access attempts to detect unauthorized login activity.
- Disable or restrict remote management features if they are not required.
- Where possible, replace affected devices with updated models or firmware versions once patches are released.
- Conduct regular vulnerability assessments and penetration testing focused on IoT and collaboration devices to identify similar risks.
- Educate users and administrators about the risks of default credentials, and enforce policies to change them immediately upon deployment.
- Maintain an inventory of all such devices to ensure timely response to future vulnerabilities.
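One way to combine the inventory, segmentation and access-monitoring steps above, as an added example (not code from the advisory or from EZCast). The inventory CSV layout, the flow-record format, the management subnet and the Admin UI ports are assumptions, and all sample data is constructed.

```python
import csv
import io
import ipaddress

AFFECTED_VERSION = "1.17478.146"                       # version named in the advisory
ADMIN_NETS = [ipaddress.ip_network("10.20.0.0/28")]    # assumed management subnet
ADMIN_PORTS = {80, 443}                                # assumption: Admin UI served over HTTP(S)

# Constructed asset inventory export.
INVENTORY = """\
ip,model,firmware
10.30.1.15,EZCast Pro II,1.17478.146
10.30.1.16,EZCast Pro II,1.17478.146
10.30.2.9,Other Display,2.0.1
"""

# Constructed flow records: timestamp src dst dport action
FLOWS = """\
2026-01-28T09:01:12Z 10.20.0.5 10.30.1.15 443 ALLOW
2026-01-28T09:03:40Z 10.40.7.22 10.30.1.15 80 ALLOW
2026-01-28T09:04:02Z 10.40.7.22 10.30.1.16 80 DENY
2026-01-28T09:05:10Z 10.40.7.22 10.30.2.9 80 ALLOW
2026-01-28T09:06:00Z 10.40.7.23 10.30.1.15 7000 ALLOW
"""

def affected_devices(inventory_csv):
    """Return the IPs of inventoried devices on the affected firmware."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["ip"] for r in rows
            if r["model"] == "EZCast Pro II" and r["firmware"] == AFFECTED_VERSION}

def is_authorized(src):
    """True if the source address lies inside an approved management subnet."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ADMIN_NETS)

def review_flows(flow_text, devices):
    """Flag admin-port connections to affected devices from outside ADMIN_NETS."""
    findings = []
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[3].isdigit():
            continue                                   # skip malformed records
        ts, src, dst, dport, action = parts
        if dst in devices and int(dport) in ADMIN_PORTS and not is_authorized(src):
            # "reached" means segmentation did not stop the connection.
            findings.append((ts, src, dst, "reached" if action == "ALLOW" else "blocked"))
    return findings

if __name__ == "__main__":
    for finding in review_flows(FLOWS, affected_devices(INVENTORY)):
        print(*finding)
```

A `reached` finding marks a segmentation gap to close first; a `blocked` finding shows the control working but still records an access attempt worth reviewing.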
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Switzerland, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: NCSC.ch
- Date Reserved: 2026-01-22T12:55:22.578Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6978db5e4623b1157c331882
Added to database: 1/27/2026, 3:35:58 PM
Last enriched: 1/27/2026, 3:50:19 PM
Last updated: 2/7/2026, 4:26:00 PM