CVE-2015-2897

Sierra Wireless ALEOS <4.4.2 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/628568

Scores

EPSS 0.0226
EPSS Percentile 80.8%

Details

CWE
CWE-200
Status published
Products (1)
sierrawireless/aleos < 4.4.1
Published Aug 08, 2015
Tracked Since Feb 18, 2026