Escalated Privileges Vulnerability on AirMagnet Enterprise Sensors

CVE-2020-28251

CVE Title Severity Published Updated
CVE-2020-28251 Escalated Privileges Vulnerability on AirMagnet Enterprise Sensors High 2020 December 03 2020 December 07

NETSCOUT Systems AirMagnet Enterprise version 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise.

The affected product models are:

  • SENSOR6-R1S0W1-E
  • SENSOR6-R2S1-E
  • SENSOR6-R2S1-I
  • SENSOR4-R1S1W1-E
  • SENSOR4-R2S1-E
  • SENSOR4-R2S1-I

A software upgrade to AirMagnet Enterprise version 11.1.4 build 37271 to eliminate this vulnerability is available on My NETSCOUT accounts on the AirMagnet Enterprise Downloads page or may be obtained by contacting AirMagnet support at 1-800-708-4784.

  techsupport@netscout.com