Hidden System Account Vulnerabilities in Ciena's Network Control Suite
CVE-2026-5269

Currently unrated

Key Information:

Vendor

Ciena

Vendor
CVE Published:
14 July 2026

What is CVE-2026-5269?

Ciena's Navigator Network Control Suite and Manage Control Plan contain hidden system accounts designed for internal operations, many of which use predictable default passwords. Although these accounts possess limited permissions individually, the existence of such vulnerabilities may allow a malicious actor to exploit them in conjunction with other system weaknesses, potentially leading to unauthorized access and privilege escalation within the network environment.

Affected Version(s)

MCP <= 8.0

Navigator NCS 8.1

Planner Plus OnPrem <= 4.1

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Special thanks to the team at TDC NET for their contribution.
.