CVE-2026-4621

Name: CVE-2026-4621
Creator: NVD / NIST
Published: 2026-03-27T12:16:20.91+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 6.3/10EPSS 0.16%

Last modified Jun 17, 2026

CVE-2026-4621 is a medium-severity vulnerability rated 6.3/10 on the CVSS scale. Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.. EPSS estimates a 0.16% chance of exploitation in the next 30 days.

Description

Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.

Metrics

CVSS 3.1

5.6/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS 4.0

6.3/10

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability

0.16%

5.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-912

Affected Software

Vendor	Product	Versions
Nec	Aterm Wg1200hp4 Firmware	All versions
Nec	Aterm Wg2600hs Firmware	< 1.7.2
Nec	Aterm Wf1200cr Firmware	< 1.6.0
Nec	Aterm Wg1200cr Firmware	< 1.5.0
Nec	Aterm Wg2600hp4 Firmware	< 1.4.2
Nec	Aterm Wg2600hm4 Firmware	< 1.4.2
Nec	Aterm Wg2600hs2 Firmware	< 1.3.2
Nec	Aterm Wx3000hp Firmware	< 2.5.0
Nec	Aterm Wx3600hp Firmware	<= 1.5.3
Nec	Aterm W1200ex-Ms Firmware	All versions
Nec	Aterm Wg1200hp2 Firmware	All versions
Nec	Aterm Wg1900hp Firmware	All versions
Nec	Aterm Wg1200hs2 Firmware	All versions
Nec	Aterm Wg1800hp3 Firmware	All versions
Nec	Aterm Wg1200hp3 Firmware	All versions
Nec	Aterm Wg1900hp2 Firmware	All versions
Nec	Aterm Wg1200hs3 Firmware	All versions
Nec	Aterm Wg1800hp4 Firmware	All versions
Nec	Aterm Wg1200hs4 Firmware	All versions
Nec	Aterm Wx1500hp Firmware	< 1.4.2
Nec	Aterm Wx3000hp2 Firmware	< 1.3.2

References

https://jpn.nec.com/security-info/secinfo/nv26-001_en.htmlVendor Advisory

Timeline

Published: Mar 27, 2026
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2026-4621?

Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.

How severe is CVE-2026-4621?

CVE-2026-4621 has a CVSS score of 6.3/10 (MEDIUM severity). The EPSS model estimates a 0.16% probability of exploitation in the next 30 days.

How do I fix CVE-2026-4621?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2026-4621?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST