Unrated severityNVD Advisory· Published Aug 4, 2015· Updated Jun 17, 2026
CVE-2015-3960
CVE-2015-3960
Description
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by leveraging knowledge of a private key from another installation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:o:garrettcom:magnum_10k_firmware:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:garrettcom:magnum_10k_firmware:*:*:*:*:*:*:*:*range: <=4.5.5
- cpe:2.3:o:garrettcom:magnum_6k_firmware:*:*:*:*:*:*:*:*range: <=4.5.5
- Range: <4.5.6
Patches
Vulnerability mechanics
References
3- www.garrettcom.com/techsupport/MNS6K_R456_Release_Notes.pdfnvdVendor Advisory
- ics-cert.us-cert.gov/advisories/ICSA-15-167-01nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/75236nvd
News mentions
0No linked articles in our index yet.