CRITICALCVE-2025-3461CVSS 9.1

CVE-2025-3461: Unauth Telnet in Quantenna Wi-Fi Chipset

Platform

other

Component

quantenna-wi-fi-chipset

Fixed in

8.0.1

AI Confidence: highNVDEPSS 0.1%Reviewed: May 2026

View on NVD

Save

CVE-2025-3461 describes a critical vulnerability affecting Quantenna Wi-Fi chipsets. The vulnerability stems from a default, unauthenticated Telnet interface, enabling unauthorized access to the device. This flaw impacts versions 0 through 8.0.0.28 of the Quantenna SDK and has been addressed with the release of version 8.0.1.

Impact and Attack Scenarios

The presence of an unauthenticated Telnet interface presents a significant security risk. An attacker could leverage this vulnerability to gain complete control over the affected Wi-Fi chipset, potentially leading to data breaches, network disruption, and unauthorized configuration changes. The lack of authentication means no credentials are required to access the Telnet interface, making it easily exploitable. This vulnerability is analogous to exposing administrative interfaces without proper security controls, allowing attackers to bypass standard access restrictions.

Exploitation Context

CVE-2025-3461 was published on 2025-06-08. There is no indication of active exploitation at this time, and no public proof-of-concept (PoC) code has been released. The vulnerability is listed on the CISA KEV catalog with a severity assessment pending. The vendor has released a best practices guide, suggesting awareness of the issue within the industry.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown

CISA KEVNO

Internet ExposureHigh

EPSS

0.10% (27% percentile)

CISA SSVC

Exploitationnone

Automatableyes

Technical Impacttotal

CVSS Vector

Affected Software

Componentquantenna-wi-fi-chipset

VendorON Semiconductor

Affected rangeFixed in

0 – 8.0.0.288.0.1

Weakness Classification (CWE)

CWE-306

Timeline

Reserved2025-04-08
Published2025-06-08
Modified2025-06-09
EPSS updated2026-03-23

Mitigation and Workarounds

The primary mitigation for CVE-2025-3461 is to upgrade the Quantenna Wi-Fi chipset SDK to version 8.0.1 or later. This version includes the necessary fixes to disable the unauthenticated Telnet interface. If an immediate upgrade is not feasible, consider implementing network segmentation to isolate the affected chipsets from critical resources. Additionally, firewalls can be configured to block Telnet traffic (port 23) to these devices. While a temporary workaround, this does not fully eliminate the risk. Consult the vendor's best practices guide for implementors of this chipset for further hardening recommendations.

How to fix

Disable or authenticate Telnet access. Consult the ON Semiconductor best practices guide for Quantenna Wi-Fi chipset implementation. Implement recommended security measures to mitigate the vulnerability.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2025-3461 — Unauth Telnet in Quantenna Wi-Fi Chipset?

CVE-2025-3461 is a critical vulnerability affecting Quantenna Wi-Fi chipsets, allowing unauthorized access via an unauthenticated Telnet interface.

Am I affected by CVE-2025-3461 in Quantenna Wi-Fi Chipset?

If your device uses a Quantenna Wi-Fi chipset running versions 0 through 8.0.0.28, you are potentially affected by this vulnerability.

How do I fix CVE-2025-3461 in Quantenna Wi-Fi Chipset?

Upgrade the Quantenna Wi-Fi chipset SDK to version 8.0.1 or later to disable the unauthenticated Telnet interface.

Is CVE-2025-3461 being actively exploited?

There is currently no indication of active exploitation or publicly available proof-of-concept code.

Where can I find the official Quantenna advisory for CVE-2025-3461?

Consult the vendor's best practices guide for implementors of this chipset, available through Quantenna's support channels.