{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-3461", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "state": "PUBLISHED", "assignerShortName": "AHA", "dateReserved": "2025-04-08T23:41:09.376Z", "datePublished": "2025-06-08T21:02:37.521Z", "dateUpdated": "2025-06-09T18:37:14.718Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Quantenna Wi-Fi chipset", "vendor": "ON Semiconductor", "versions": [{"lessThanOrEqual": "8.0.0.28", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Ricky \"HeadlessZeke\" Lawshae of Keysight"}, {"lang": "en", "type": "coordinator", "value": "todb"}], "datePublic": "2025-06-08T21:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, \"Missing Authentication for Critical Function,\" and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).<br><p>This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.</p>"}], "value": "The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, \"Missing Authentication for Critical Function,\" and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2025-06-09T18:37:14.718Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://takeonme.org/cves/cve-2025-3461/"}, {"tags": ["vendor-advisory"], "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices"}], "source": {"discovery": "EXTERNAL"}, "title": "ON Semiconductor Quantenna Telnet Missing Authentication", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-09T15:02:18.870403Z", "id": "CVE-2025-3461", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-09T15:02:24.532Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "ON Semiconductor Quantenna Telnet Missing Authentication", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Ricky \"HeadlessZeke\" Lawshae of Keysight"}, {"lang": "en", "type": "coordinator", "value": "todb"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ON Semiconductor", "product": "Quantenna Wi-Fi chipset", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "8.0.0.28"}], "defaultStatus": "unaffected"}], "datePublic": "2025-06-08T21:00:00.000Z", "references": [{"url": "https://takeonme.org/cves/cve-2025-3461/", "tags": ["third-party-advisory"]}, {"url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, \"Missing Authentication for Critical Function,\" and is estimated as a CVSS 9.1 ( CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) .\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.", "supportingMedia": [{"type": "text/html", "value": "The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, \"Missing Authentication for Critical Function,\" and is estimated as a CVSS 9.1 (<a target=\"_blank\" rel=\"nofollow\" href=\"https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)\">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)</a>.<br><p>This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2025-06-08T21:02:37.521Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3461", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-09T15:02:18.870403Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2025-06-09T15:02:21.516Z"}}]}, "cveMetadata": {"cveId": "CVE-2025-3461", "state": "PUBLISHED", "dateUpdated": "2025-06-08T21:02:37.521Z", "dateReserved": "2025-04-08T23:41:09.376Z", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "datePublished": "2025-06-08T21:02:37.521Z", "assignerShortName": "AHA"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, \"Missing Authentication for Critical Function,\" and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).\nThis issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset."}, {"lang": "es", "value": "Los Chips Wi-Fi Quantenna se entregan con una interfaz Telnet no autenticada por defecto. Se trata de una instancia de CWE-306, \"Falta de autenticaci\u00f3n para funci\u00f3n cr\u00edtica\", y se estima que es un CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). Este problema afecta al chipset Wi-Fi Quantenna hasta la versi\u00f3n 8.0.0.28 del SDK m\u00e1s reciente y, al parecer, no se hab\u00eda corregido al momento de la publicaci\u00f3n inicial de este registro CVE, aunque el proveedor ha publicado una gu\u00eda de pr\u00e1cticas recomendadas para los implementadores de este chipset."}], "id": "CVE-2025-3461", "lastModified": "2025-06-09T19:15:24.923", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "cve@takeonme.org", "type": "Secondary"}]}, "published": "2025-06-08T21:15:33.030", "references": [{"source": "cve@takeonme.org", "url": "https://community.onsemi.com/s/article/QCS-Quantenna-Wi-Fi-product-support-and-security-best-practices"}, {"source": "cve@takeonme.org", "url": "https://takeonme.org/cves/cve-2025-3461/"}], "sourceIdentifier": "cve@takeonme.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "cve@takeonme.org", "type": "Secondary"}]}

{}