CVE-2001-1425

Name of the Vulnerable Software and Affected Versions Alcatel Speed Touch firmware KHDSAA.108 Alcatel Speed Touch firmware KHDSAA.132 through KHDSAA.134

Description The challenge-response authentication mechanism for the EXPERT user in Alcatel Speed Touch devices is susceptible to an issue that allows remote attackers to gain privileges. This is achieved by directly computing the response based on information provided by the device during the login process.

Recommendations For firmware KHDSAA.108, update to a version that addresses this issue. For firmware KHDSAA.132 through KHDSAA.134, update to a version that addresses this issue. As a temporary workaround, consider restricting access to the EXPERT user account until a patch is available.