CVE-2025-41438 – “CS5000 Fire Panel Default Account Privilege Escalation”

CVE ID : CVE-2025-41438

Published : May 30, 2025, 12:15 a.m. | 1 hour, 42 minutes ago

Description : The CS5000 Fire Panel is vulnerable due to a default account that exists
on the panel. Even though it is possible to change this by SSHing into
the device, it has remained unchanged on every installed system
observed. This account is not root but holds high-level permissions that
could severely impact the device’s operation if exploited.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…