CVE-2024-28093 is a vulnerability identified in the TELNET service of AdTran NetVanta 3120 devices running firmware version 18.01.01.00.E. The TELNET service is enabled by default and configured with default root-level credentials, which are widely known or easily guessable. This configuration flaw allows remote attackers to connect to the device over the network without authentication and gain root-level access. The vulnerability is classified under CWE-1392, indicating the presence of default credentials that compromise security. The CVSS v3.1 base score of 8.8 reflects a high-severity issue with attack vector being adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). Although no public exploits have been reported yet, the vulnerability's nature makes it highly exploitable, especially in environments where TELNET traffic is accessible. The affected devices are typically used in enterprise and service provider networks, making them critical infrastructure components. The lack of available patches at the time of reporting necessitates immediate mitigation through configuration changes or network segmentation to reduce exposure.

The vulnerability allows unauthenticated remote attackers to gain root-level access to affected AdTran NetVanta 3120 devices. This can lead to complete compromise of the device, enabling attackers to intercept, modify, or disrupt network traffic passing through the device. Confidentiality is at risk as attackers can access sensitive configuration and data. Integrity is compromised since attackers can alter device settings or firmware. Availability is threatened because attackers could disable or degrade device functionality, causing network outages. Given the device's role in network infrastructure, exploitation could facilitate lateral movement within networks, persistent access, and further attacks on connected systems. Organizations relying on these devices for critical communications or services face significant operational and security risks.

1. Immediately disable the TELNET service on all affected AdTran NetVanta 3120 devices to eliminate the attack vector. 2. Change all default credentials to strong, unique passwords if TELNET must remain enabled temporarily. 3. Implement network segmentation and access control lists (ACLs) to restrict TELNET access only to trusted management networks. 4. Monitor network traffic for unauthorized TELNET connections or suspicious activity targeting these devices. 5. Regularly audit device configurations to ensure no default credentials remain in use. 6. Stay informed on vendor advisories and apply firmware updates or patches as soon as they become available. 7. Consider migrating management access to secure protocols such as SSH with multi-factor authentication. 8. Employ intrusion detection/prevention systems (IDS/IPS) to detect exploitation attempts targeting this vulnerability.