Mitigation Strategies

Immediate mitigation steps include contacting your broadband service provider (BSP) to apply the official patch (R12.2.13.4) released on August 1, 2025, as the devices are not consumer-licensed and updates are only available to authorized users. Additionally, restrict local network access to the Quantenna interface IP to prevent unauthorized Telnet connections until the patch is applied. [1]

Useful 0 Not Useful 0

Executive Summary

CVE-2025-7635 is an unauthenticated Telnet access vulnerability in Calix GigaCenter ONT models 844E, 844G, 844GE, and 854GE. It occurs because a Telnet service on the Quantenna SoC interface is exposed without requiring authentication during the device boot process. Attackers with local network access can connect to this Telnet service using default usernames "admin" or "root" without a password, gaining unauthorized root-level administrative access to the device. [1]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an attacker with local network access to gain root-level administrative control over the affected Calix GigaCenter ONT devices without authentication. This can lead to unauthorized device configuration changes, potential leakage of sensitive information such as pre-shared keys (PSKs), and further compromise of the network or connected systems. [1]

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by scanning for an open Telnet service (port 23) on the Quantenna interface IP of the affected Calix GigaCenter ONT devices. You can use Nmap to scan port 23 on the suspected device IP. If port 23 is open, attempt to connect via Telnet using usernames "admin" or "root" without a password. Successful unauthenticated access indicates the vulnerability is present. [1]

Useful 0 Not Useful 0