PT-2014-8367 · Cisco · Cisco Meraki Mx

Published

2014-12-24

Updated

2014-12-24

CVE-2014-7995

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24

Description The issue allows physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port.

Recommendations For Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24, update the firmware to a version released after 2014-09-24 to resolve the issue. As a temporary workaround, consider restricting physical access to the devices to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-7995

Affected Products

Cisco Meraki Mx

PT-2014-8367 · Cisco · Cisco Meraki Mx

CVE-2014-7995

Weakness Enumeration

Related Identifiers

Affected Products

References · 3