Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The Chinese company says it found the backdoor after an internal security audit of firmware for products added to its portfolio following the acquisitions of other companies. The issue is tracked under the CVE-2017-3765 identifier. Backdoor was added to ENOS in 2004 when ENOS was maintained by Nortel’s Blade Server Switch Business Unit (BSSBU) Backdoor is not a hidden account, but an authentication bypass mechanism that occurs under very strict conditions.
Source: https://www.bleepingcomputer.com/news/security/lenovo-discovers-and-removes-backdoor-in-networking-switches/