CVE-2025-46352 – “CS5000 Fire Panel Hard-Coded Password Remote Command Injection Vulnerability”

CVE ID : CVE-2025-46352

Published : May 30, 2025, 12:15 a.m. | 1 hour, 42 minutes ago

Description : The CS5000 Fire Panel is vulnerable due to a hard-coded password that
runs on a VNC server and is visible as a string in the binary
responsible for running VNC. This password cannot be altered, allowing
anyone with knowledge of it to gain remote access to the panel. Such
access could enable an attacker to operate the panel remotely,
potentially putting the fire panel into a non-functional state and
causing serious safety issues.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…