CVE-2014-7995

Published: Dec 24, 2014Modified: May 6, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077.

Affected (6)

Products: Cisco: Meraki Mx Firmware, Meraki Mx, Meraki Ms Firmware, Meraki Ms, Meraki Mr Firmware, Meraki Mr

6 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Meraki Mx Firmware	Up to 2014-09-24
Cisco Meraki Mx	All versions

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Meraki Ms Firmware	Up to 2014-09-24
Cisco Meraki Ms	All versions

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Meraki Mr Firmware	Up to 2014-09-24
Cisco Meraki Mr	All versions

Related CWEs

CWE-264

References (4)

http://tools.cisco.com/security/center/viewAlert.x?alertId=36799

Source: psirt@cisco.com

Vendor Advisory

https://dashboard.meraki.com/firmware_security

Source: psirt@cisco.com

http://tools.cisco.com/security/center/viewAlert.x?alertId=36799

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://dashboard.meraki.com/firmware_security

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.