Skip to main content

CVE-2025-52689: CWE-384 Session Fixation in Alcatel-Lucent OmniAccess Stellar Products

Critical
VulnerabilityCVE-2025-52689cvecve-2025-52689cwe-384
Published: Wed Jul 16 2025 (07/16/2025, 06:30:11 UTC)
Source: CVE Database V5
Vendor/Project: Alcatel-Lucent
Product: OmniAccess Stellar Products

Description

Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by spoofing the login request, potentially allowing the attacker to modify the behaviour of the access point.

AI-Powered Analysis

AILast updated: 07/16/2025, 07:02:00 UTC

Technical Analysis

CVE-2025-52689 is a critical session fixation vulnerability (CWE-384) affecting Alcatel-Lucent OmniAccess Stellar products, specifically the AP1100, AP1200, AP1300, AP1400, and AP1500 models running AWOS versions 5.0.2 GA and earlier. The vulnerability allows an unauthenticated attacker to spoof a login request and obtain a valid session ID with administrator privileges. This session fixation flaw means the attacker can hijack or fixate a session identifier before authentication, bypassing normal login procedures. Once the attacker gains administrative session access, they can modify the behavior of the affected access points, potentially altering network configurations, disabling security controls, or creating persistent backdoors. The CVSS v3.1 score of 9.8 reflects the vulnerability's critical severity, with network attack vector, no required privileges, no user interaction, and high impact on confidentiality, integrity, and availability. No known exploits are currently reported in the wild, but the ease of exploitation and the critical impact make this a high-risk issue for organizations using these wireless access points. The lack of available patches at the time of publication further increases exposure risk.

Potential Impact

For European organizations, the impact of this vulnerability is significant. OmniAccess Stellar products are commonly deployed in enterprise and service provider wireless networks, including in sectors such as finance, healthcare, government, and critical infrastructure. Exploitation could lead to unauthorized administrative control over wireless access points, enabling attackers to intercept sensitive data, disrupt network availability, or pivot to other internal systems. This could result in data breaches, operational downtime, regulatory non-compliance (e.g., GDPR violations), and reputational damage. Given the criticality of wireless infrastructure in modern European enterprises and public sector environments, this vulnerability poses a substantial threat to network security and business continuity.

Mitigation Recommendations

Immediate mitigation steps include isolating affected access points from untrusted networks and restricting management interface access to trusted administrative networks only. Network administrators should implement strict network segmentation and monitoring to detect anomalous session activities. Since no patches are currently available, organizations should consider temporary compensating controls such as enforcing multi-factor authentication on management interfaces if supported, and disabling remote management features where feasible. Regularly auditing session management logs for suspicious session fixation attempts is advised. Organizations should maintain close contact with Alcatel-Lucent for timely patch releases and apply updates promptly once available. Additionally, deploying network intrusion detection systems (NIDS) with signatures for session fixation attempts targeting these devices can provide early warning.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
CSA
Date Reserved
2025-06-19T06:04:41.987Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68774ab7a83201eaacd437f4

Added to database: 7/16/2025, 6:46:15 AM

Last enriched: 7/16/2025, 7:02:00 AM

Last updated: 8/17/2025, 4:59:08 PM

Views: 45

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats