CVE-2022-32985 — CRITICAL (9.8)

Q: What is CVE-2022-32985?

CVE-2022-32985 is a vulnerability with a CVSS score of 9.8 (CRITICAL). libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

Q: How severe is CVE-2022-32985?

CVE-2022-32985 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2022-32985?

Check the references section above for vendor advisories and patch information. Affected products include: Nexans Gigaswitch 641 Desk V5 Sfp-Vi Firmware, Nexans Gigaswitch 641 Desk V5 Sfp-Vi, Nexans Gigaswitch 642 Desk V5 Sfp-2Vi Firmware, Nexans Gigaswitch 642 Desk V5 Sfp-2Vi, Nexans Gigaswitch V5 2Tp\(Pd-F\+\) Sfp-Vi 54Vdc Firmware.

Vulnerability Description

libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Nexans	Gigaswitch 641 Desk V5 Sfp-Vi Firmware	< 6.02n
Nexans	Gigaswitch 641 Desk V5 Sfp-Vi	-
Nexans	Gigaswitch 642 Desk V5 Sfp-2Vi Firmware	< 6.02n
Nexans	Gigaswitch 642 Desk V5 Sfp-2Vi	-
Nexans	Gigaswitch V5 2Tp\(Pd-F\+\) Sfp-Vi 54Vdc Firmware	< 6.02n
Nexans	Gigaswitch V5 2Tp\(Pd-F\+\) Sfp-Vi 54Vdc	-
Nexans	Gigaswitch V5 2Tp\(Pse\+\) Sfp-Vi 54Vdc Firmware	< 6.02n
Nexans	Gigaswitch V5 2Tp\(Pse\+\) Sfp-Vi 54Vdc	-
Nexans	Gigaswitch V5 2Tp Sfp-Vi 54Vdc Firmware	< 6.02n
Nexans	Gigaswitch V5 2Tp Sfp-Vi 54Vdc	-
Nexans	Gigaswitch V5 Sfp-2Vi 230Vac Firmware	< 6.02n
Nexans	Gigaswitch V5 Sfp-2Vi 230Vac	-
Nexans	Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Firmware	< 6.02n
Nexans	Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc	-
Nexans	Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Ind Firmware	< 6.02n
Nexans	Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Ind	-
Nexans	Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Med Firmware	< 6.02n
Nexans	Gigaswitch V5 Tp\(Pse\+\) Sfp-2Vi 54Vdc Med	-
Nexans	Gigaswitch V5 Tp Sfp-2Vi 54Vdc Firmware	< 6.02n
Nexans	Gigaswitch V5 Tp Sfp-2Vi 54Vdc	-

Related Weaknesses (CWE)

CWE-798

References

https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outdaExploitThird Party Advisory
https://www.nexans.de/de/products/Data-Network-Solutions/Industrial-and-office-sVendor Advisory
https://sec-consult.com/vulnerability-lab/advisory/hardcoded-backdoor-user-outdaExploitThird Party Advisory
https://www.nexans.de/de/products/Data-Network-Solutions/Industrial-and-office-sVendor Advisory

FAQ

What is CVE-2022-32985?

CVE-2022-32985 is a vulnerability with a CVSS score of 9.8 (CRITICAL). libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.

How severe is CVE-2022-32985?

CVE-2022-32985 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2022-32985?

Check the references section above for vendor advisories and patch information. Affected products include: Nexans Gigaswitch 641 Desk V5 Sfp-Vi Firmware, Nexans Gigaswitch 641 Desk V5 Sfp-Vi, Nexans Gigaswitch 642 Desk V5 Sfp-2Vi Firmware, Nexans Gigaswitch 642 Desk V5 Sfp-2Vi, Nexans Gigaswitch V5 2Tp\(Pd-F\+\) Sfp-Vi 54Vdc Firmware.