Hardcoded Serial-Console Password Vulnerability in Belden GarrettCom Magnum 6K and Magnum 10K Switches

Hardcoded Serial-Console Password Vulnerability in Belden GarrettCom Magnum 6K and Magnum 10K Switches

CVE-2015-3959 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this account is enabled, and leveraging knowledge of this password.

Learn more about our Physical Security Assessment.