Volerion logoVolerion
Volerion logoVolerion

Nozomi Networks Guardian and CMC Access Control Vulnerability in CLI Functionality

Vulnerability

An access control vulnerability has been identified in the Command Line Interface (CLI) functionality of Nozomi Networks Guardian and CMC versions prior to 25.2.0. This vulnerability arises from improper enforcement of access restrictions, allowing authenticated users with limited privileges to execute administrative CLI commands. As a result, these users can modify device configurations and potentially disrupt the device's availability.

Impact

Exploitation of this vulnerability allows authenticated users with limited privileges to execute administrative commands via the CLI, enabling them to change device configurations and impact the device's availability.

Remediation

Users are advised to upgrade to version 25.2.0 or later. Additionally, internal firewall features can be used to restrict access to the web management interface, and accounts with unnecessary access should be reviewed and deleted.

Added: Oct 7, 2025, 1:21 PM
Updated: Oct 7, 2025, 1:21 PM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
5.0
exploitability
4.9
remediation
7.9
relevance
0.7
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.