CVE-2025-22937
Published: 31 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-22937 is a privilege escalation vulnerability affecting the Adtran 411 ONT running firmware version vL80.00.0011.M2. The issue, linked to CWE-269 (Improper Privilege Management), allows attackers to elevate privileges through unspecified vectors. It carries a CVSS v3.1 base score of 9.8 (Critical), reflecting network accessibility, low attack complexity, no required privileges or user interaction, and high impacts on confidentiality, integrity, and availability.
Remote attackers with network access to the affected ONT can exploit this vulnerability without authentication. Successful exploitation enables privilege escalation, potentially granting full administrative control over the device and leading to complete compromise, including data access, modification, or disruption of optical network terminal functions.
Advisories and further details on mitigation, including potential patches, are available in referenced sources such as https://drive.google.com/file/d/1levaZk5aC6g6a2zPW8xlOIVAu9MFYvAz/view and https://lanrat.com/posts/adtran-isp-hacking/. Security practitioners should consult these for vendor-specific remediation guidance. The CVE was published on 2025-03-31.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote unauthenticated privilege escalation vulnerability on a network-accessible device directly maps to T1068 (Exploitation for Privilege Escalation) for gaining admin control and T1190 (Exploit Public-Facing Application) for remote exploitation of the device's management interface.