Password Management Flaw in Automated Logic WebCTRL and Carrier i-Vu
CVE-2025-14295

7HIGH

Key Information:

Vendor: Automated Logic
Status: Webctrl; I-vu
Vendor: CVE Published:; 22 January 2026

🔔 Create Automated Logic Vulnerability Alert

What is CVE-2025-14295?

A flaw in the password management system of Automated Logic WebCTRL and Carrier i-Vu allows sensitive data, specifically passwords, to be stored in a recoverable format. This vulnerability facilitates unauthorized access to stored credentials, potentially enabling attackers to exploit password reuse vulnerabilities. Such security oversights can significantly compromise user accounts and associated systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

i-Vu Windows 6.0 <= 9.0

WebCTRL Windows 6.0 <= 9.0

References

https://www.corporate.carrier.com/product-security/adviso...

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jan 22, 2026
Vulnerability Reserved
Dec 8, 2025

Credit

Matthew Gregory (Verizon Network Security Red Team)

Jeffery Jackson (Verizon Network Security Red Team)

JSON

Automated Logic