๐Ÿ” CVE Alert

CVE-2026-5269

CRITICAL 9.8

Navigator NCS and MCP System Accounts with Default Passwords

CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th

In Ciena's Navigator Network Control Suite (NCS) and Manage Control Plan (MCP), there are hidden system accounts used for internal software operations. Some of these accounts have default passwords that may be predictable. While these accounts have very limited permissions on their own, an attacker could combine an attack using one of these accounts with other potential weaknesses to launch a more significant attack, possibly leading to escalation of privilege on the system.

CWE CWE-1393
Vendor ciena
Product navigator ncs
Published Jul 14, 2026
Last Updated Jul 15, 2026
Stay Ahead of the Next One

Get instant alerts for ciena navigator ncs

Be the first to know when new critical vulnerabilities affecting ciena navigator ncs are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

CIENA / Navigator NCS
8.1
CIENA / MCP
<= 8.0
CIENA / Planner Plus OnPrem
<= 4.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
ciena.com: https://www.ciena.com/product-security

Credits

Special thanks to the team at TDC NET for their contribution.