Number: AV17-084
Date: 16 June 2017
Purpose
The purpose of this advisory is to bring attention to a Cambium Networks ePMP security update.
Assessment
Cambium Networks has released a product update addressing security issues for ePMP products. Successful exploitation of these vulnerabilities may allow an attacker to gain unauthorized access to and modify a device’s configuration.
Affected Products: ePMP Network Access Control products (all models) version 3.4-RC6 and earlier
CVE References: CVE-2017-7918, CVE-2017-7922
Suggested action
CCIRC recommends that system administrators test and deploy the vendor released updates on affected platforms accordingly.