Unrated severityNVD Advisory· Published Aug 4, 2015· Updated May 6, 2026

CVE-2015-3959

Description

The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this account is enabled, and leveraging knowledge of this password.

Affected products

Garrettcom/Magnum 10k Firmware
cpe:2.3:o:garrettcom:magnum_10k_firmware:*:*:*:*:*:*:*:*
Range: <=4.5.5
Garrettcom/Magnum 6k Firmware
cpe:2.3:o:garrettcom:magnum_6k_firmware:*:*:*:*:*:*:*:*
Range: <=4.5.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdfnvdVendor Advisory
ics-cert.us-cert.gov/advisories/ICSA-15-167-01nvdThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/75235nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000