Primary

Context

NEC Aterm Series Missing Authorization Vulnerability Allowing Unauthorized Access to Device Information and Settings

Vulnerability

A missing authorization vulnerability has been identified in NEC Aterm series devices. This vulnerability allows an attacker to access specific device information and modify settings remotely. It affects multiple models within the Aterm series, all versions, as well as certain models prior to specific version releases.

Impact

Exploitation of this vulnerability could lead to unauthorized access to device information and settings, allowing for unauthorized configuration changes.

Remediation

The remediation process varies by model. Users should refer to the NEC Aterm support pages for their specific model for guidance on addressing this vulnerability.

Added: Mar 27, 2026, 12:21 PM

Updated: Mar 27, 2026, 12:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

7.4

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NEC Aterm Series Missing Authorization Vulnerability Allowing Unauthorized Access to Device Information and Settings

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating