CVE-2024-28812

Summary

CVE-2024-28812 is a newly identified vulnerability affecting Infinera's hiT 7300 series with firmware version 5.60.50. This issue introduces a hidden SSH service on the local management network interface using hardcoded credentials. Consequently, unauthorized users can exploit this vulnerability to gain privileged access to the appliance's operating system via SSH connections. This potential security breach could allow attackers to manipulate device configurations, install malware, or steal sensitive data, posing a significant risk to network security. Organizations using Infinera hiT 7300 series devices should apply the necessary patches as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.