← back
CVE-2015-3959

CVE-2015-3959

EPSS 0.4%
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this account is enabled, and leveraging knowledge of this password.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-167-01http://www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdfhttp://www.securityfocus.com/bid/75235