CVE-2015-2897 — Sensitive Information Exposure in Aleos
Severity
10.0CRITICALNVD
EPSS
0.0%
top 98.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 8
Latest updateMay 17
Description
Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.
CVSS vector
AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0