Doug Deperry

**Name of the Vulnerable Software and Affected Versions** Verizon Wireless Network Extender SCS-26UC4 (affected versions not specified) **Description** The issue allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the `ramboot` environment variable. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Verizon Wireless Network Extender SCS-2U01 (affected versions not specified) **Description** The issue allows physically proximate attackers to bypass the intended boot process and obtain a login prompt by connecting a crafted HDMI cable and sending a SysReq interrupt. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Verizon Wireless Network Extender SCS-2U01 **Description** The issue concerns a hardcoded password for the `root` account in the device, making it easier for attackers with physical access to obtain administrative access by leveraging a login prompt. **Recommendations** For Verizon Wireless Network Extender SCS-2U01, consider changing the hardcoded password for the `root` account to a unique and strong password to prevent unauthorized access. As a temporary workaround, restrict physical access to the device to minimize the risk of exploitation.