CVE-2022-32985

high-risk
Published 2022-07-17

libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

Do I need to act?

-
0.61% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (13)

Gigaswitch 641 Desk V5 Sfp-Vi Firmware
Gigaswitch 642 Desk V5 Sfp-2Vi Firmware
Gigaswitch V5 2Tp\(Pd-F\+\) Sfp-Vi 54Vdc Firmware
Gigaswitch V5 2Tp\(Pse\+\) Sfp-Vi 54Vdc Firmware
Gigaswitch V5 2Tp Sfp-Vi 54Vdc Firmware
Gigaswitch V5 Sfp-2Vi 230Vac Firmware
Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Firmware
Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Ind Firmware
Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Med Firmware
Gigaswitch V5 Tp Sfp-2Vi 54Vdc Firmware
Gigaswitch V5 Tp Sfp-2Vi 54Vdc Ind Firmware
Gigaswitch V5 Tp Sfp-2Vi 54Vdc Med Firmware
Gigaswitch V5 Tp Sfp-Vi 230Vac Firmware

Affected Vendors

Nexans

References (4)

Exploit https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outda...
Vendor Advisory https://www.nexans.de/de/products/Data-Network-Solutions/Industrial-and-office-s...
Exploit https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outda...
Vendor Advisory https://www.nexans.de/de/products/Data-Network-Solutions/Industrial-and-office-s...
51
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 2/34 · Minimal
Exposure 17/34 · Moderate