Unrated severityNVD Advisory· Published Jul 18, 2013· Updated Apr 29, 2026

CVE-2013-4877

Description

The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not use CAVE authentication, which makes it easier for remote attackers to obtain ESN and MIN values from arbitrary phones, and conduct cloning attacks, by sniffing the network for registration packets.

Affected products

Verizon/Wireless Network Extender2 versions
cpe:2.3:h:verizon:wireless_network_extender:scs-26uc4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:verizon:wireless_network_extender:scs-26uc4:*:*:*:*:*:*:*
- cpe:2.3:h:verizon:wireless_network_extender:scs-2u01:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/458007nvdUS Government Resource
www.kb.cert.org/vuls/id/BLUU-997M5BnvdUS Government Resource
www.securityfocus.com/bid/61169nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000