← voltar
CVE-2025-41438

Consilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure Default

CVSS 9.3 CRITICALEPSS 0.7%CWE-1188
The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely impact the device's operation if exploited.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Consilium Safety · CS5000 Fire Panel

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-03https://www.consiliumsafety.com/en/support/