{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-41438", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2025-05-15T21:07:17.944Z", "datePublished": "2025-05-29T23:17:18.012Z", "dateUpdated": "2025-05-30T12:50:16.987Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CS5000 Fire Panel", "vendor": "Consilium Safety", "versions": [{"status": "affected", "version": "All versions"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Andrew Tierney of Pen Test Partners reported these vulnerabilities to CISA."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The CS5000 Fire Panel is vulnerable due to a default account that exists\n on the panel. Even though it is possible to change this by SSHing into \nthe device, it has remained unchanged on every installed system \nobserved. This account is not root but holds high-level permissions that\n could severely impact the device's operation if exploited."}], "value": "The CS5000 Fire Panel is vulnerable due to a default account that exists\n on the panel. Even though it is possible to change this by SSHing into \nthe device, it has remained unchanged on every installed system \nobserved. This account is not root but holds high-level permissions that\n could severely impact the device's operation if exploited."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1188", "description": "CWE-1188", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-05-29T23:17:18.012Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-03"}, {"url": "https://www.consiliumsafety.com/en/support/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>Users wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.<br></div>\nMore product safety information can be found on Consilium Safety's <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.consiliumsafety.com/en/support/\">support webpage</a>."}], "value": "Users wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.\n\n\n\nMore product safety information can be found on Consilium Safety's support webpage https://www.consiliumsafety.com/en/support/ ."}], "source": {"advisory": "ICSA-25-148-03", "discovery": "EXTERNAL"}, "title": "Consilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure Default", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Consilium Safety is aware of these vulnerabilities. Currently, no fixes are planned for the CS5000 Fire Panel.</p>\n<p>Users wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.</p>\n<p>Users of the CS5000 Fire Panel are recommended to implement \ncompensating countermeasures, such as physical security and access \ncontrol restrictions for dedicated personnel.</p><p>More product safety information can be found on Consilium Safety's <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.consiliumsafety.com/en/support/\">support webpage</a>.\n\n<br></p>"}], "value": "Consilium Safety is aware of these vulnerabilities. Currently, no fixes are planned for the CS5000 Fire Panel.\n\n\nUsers wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.\n\n\nUsers of the CS5000 Fire Panel are recommended to implement \ncompensating countermeasures, such as physical security and access \ncontrol restrictions for dedicated personnel.\n\nMore product safety information can be found on Consilium Safety's support webpage https://www.consiliumsafety.com/en/support/ ."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-30T12:50:10.819626Z", "id": "CVE-2025-41438", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-30T12:50:16.987Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-41438", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-30T12:50:10.819626Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-30T12:50:13.742Z"}}], "cna": {"title": "Consilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure Default", "source": {"advisory": "ICSA-25-148-03", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Andrew Tierney of Pen Test Partners reported these vulnerabilities to CISA."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Consilium Safety", "product": "CS5000 Fire Panel", "versions": [{"status": "affected", "version": "All versions"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Users wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.\n\n\n\nMore product safety information can be found on Consilium Safety's support webpage https://www.consiliumsafety.com/en/support/ .", "supportingMedia": [{"type": "text/html", "value": "<div>Users wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.<br></div>\nMore product safety information can be found on Consilium Safety's <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.consiliumsafety.com/en/support/\">support webpage</a>.", "base64": false}]}], "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-03"}, {"url": "https://www.consiliumsafety.com/en/support/"}], "workarounds": [{"lang": "en", "value": "Consilium Safety is aware of these vulnerabilities. Currently, no fixes are planned for the CS5000 Fire Panel.\n\n\nUsers wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.\n\n\nUsers of the CS5000 Fire Panel are recommended to implement \ncompensating countermeasures, such as physical security and access \ncontrol restrictions for dedicated personnel.\n\nMore product safety information can be found on Consilium Safety's support webpage https://www.consiliumsafety.com/en/support/ .", "supportingMedia": [{"type": "text/html", "value": "<p>Consilium Safety is aware of these vulnerabilities. Currently, no fixes are planned for the CS5000 Fire Panel.</p>\n<p>Users wanting enhanced security features are advised to upgrade to \nConsilium Safety's newer line of fire panels. Specifically, products \nmanufactured after July 1, 2024, incorporate more secure-by-design \nprinciples.</p>\n<p>Users of the CS5000 Fire Panel are recommended to implement \ncompensating countermeasures, such as physical security and access \ncontrol restrictions for dedicated personnel.</p><p>More product safety information can be found on Consilium Safety's <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.consiliumsafety.com/en/support/\">support webpage</a>.\n\n<br></p>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The CS5000 Fire Panel is vulnerable due to a default account that exists\n on the panel. Even though it is possible to change this by SSHing into \nthe device, it has remained unchanged on every installed system \nobserved. This account is not root but holds high-level permissions that\n could severely impact the device's operation if exploited.", "supportingMedia": [{"type": "text/html", "value": "The CS5000 Fire Panel is vulnerable due to a default account that exists\n on the panel. Even though it is possible to change this by SSHing into \nthe device, it has remained unchanged on every installed system \nobserved. This account is not root but holds high-level permissions that\n could severely impact the device's operation if exploited.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1188", "description": "CWE-1188"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2025-05-29T23:17:18.012Z"}}}, "cveMetadata": {"cveId": "CVE-2025-41438", "state": "PUBLISHED", "dateUpdated": "2025-05-30T12:50:16.987Z", "dateReserved": "2025-05-15T21:07:17.944Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2025-05-29T23:17:18.012Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The CS5000 Fire Panel is vulnerable due to a default account that exists\n on the panel. Even though it is possible to change this by SSHing into \nthe device, it has remained unchanged on every installed system \nobserved. This account is not root but holds high-level permissions that\n could severely impact the device's operation if exploited."}, {"lang": "es", "value": "CS5000 Fire Panel es vulnerable debido a una cuenta predeterminada. Si bien es posible cambiarla accediendo al dispositivo por SSH, no se ha modificado en todos los sistemas instalados observados. Esta cuenta no es root, pero posee permisos de alto nivel que podr\u00edan afectar gravemente el funcionamiento del dispositivo si se explota."}], "id": "CVE-2025-41438", "lastModified": "2025-05-30T16:31:03.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2025-05-30T00:15:23.003", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-148-03"}, {"source": "ics-cert@hq.dhs.gov", "url": "https://www.consiliumsafety.com/en/support/"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1188"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}