Automated Logic - Webctrl Premium Server - CRITICAL - CVE-2026-24060. The WebCTRL system by Automated Logic exhibits a significant vulnerability where service information transmitted via BACnet packets lacks adequate encryption. This flaw allows attackers to sniff, intercept, and potentially modify sensitive data within network traffic. Critical information, including the File Start Position and File Data, can be captured using tools like Wireshark's BACnet dissector. Additionally, the proprietary format utilized by WebCTRL to receive updates from PLCs can be easily intercepted and reverse-engineered, posing serious security risks to the integrity of the system.