CVE-2026-4309

Summary

Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network.

Affected Software

VendorProductVersion RangeStatus
NEC Platforms, Ltd.Aterm W1200EX(-MS)All versionsaffected
NEC Platforms, Ltd.Aterm WG1200HP2All versionsaffected
NEC Platforms, Ltd.Aterm WG1900HPAll versionsaffected
NEC Platforms, Ltd.Aterm WG1200HS2All versionsaffected
NEC Platforms, Ltd.Aterm WG1800HP3All versionsaffected
NEC Platforms, Ltd.Aterm WG1200HP3All versionsaffected
NEC Platforms, Ltd.Aterm WG1900HP2All versionsaffected
NEC Platforms, Ltd.Aterm WG1200HS3All versionsaffected
NEC Platforms, Ltd.Aterm WG1800HP4All versionsaffected
NEC Platforms, Ltd.Aterm WG1200HP4All versionsaffected
NEC Platforms, Ltd.Aterm WG1200HS4All versionsaffected
NEC Platforms, Ltd.Aterm WX1500HPBefore Ver. 1.4.2affected
NEC Platforms, Ltd.Aterm WG2600HSBefore Ver. 1.7.2affected
NEC Platforms, Ltd.Aterm WF1200CRBefore Ver. 1.6.0affected
NEC Platforms, Ltd.Aterm WG1200CRBefore Ver. 1.5.0affected
NEC Platforms, Ltd.Aterm WG2600HP4Before Ver. 1.4.2affected
NEC Platforms, Ltd.Aterm WG2600HM4Before Ver. 1.4.2affected
NEC Platforms, Ltd.Aterm WG2600HS2Before Ver. 1.3.2affected
NEC Platforms, Ltd.Aterm WX3000HPBefore Ver. 2.5.0affected
NEC Platforms, Ltd.Aterm WX3600HPBefore Ver. 1.5.3affected
NEC Platforms, Ltd.Aterm GX1200HPAll versionsaffected
NEC Platforms, Ltd.Aterm GX1200HS4All versionsaffected
NEC Platforms, Ltd.Aterm WG1200DM4All versionsaffected
NEC Platforms, Ltd.Aterm GB1200PEBefore Ver. 1.3.1affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References