Default Account Vulnerability in CS5000 Fire Panel by Consilium Safety
CVE-2025-41438

9.3CRITICAL

Key Information:

Vendor

Consilium Safety

Status
Cs5000 Fire Panel
Vendor
CVE Published:
30 May 2025

Badges

๐Ÿ‘พ Exploit Exists๐Ÿ“ฐ News Worthy

What is CVE-2025-41438?

The CS5000 Fire Panel is at risk due to a default account that has not been changed in deployed systems. Despite the ability to alter this account through SSH access, the default credentials remain intact, presenting a significant security concern. This account, while not root, possesses elevated permissions that could lead to severe operational disruptions if exploited by malicious actors.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CS5000 Fire Panel All versions

News Articles

Critical Bugs Open Fire Safety OT/ICS Platform to Takeover

The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory.

favicon imageGBHackers News

Severe Vulnerabilities in Consilium CS5000 Fire Panels Allow Remote System Takeover

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued alert ICSA-25-148-03 on May 29, 2025.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-1...
https://www.consiliumsafety.com/en/support/

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by GBHackers News

  • Vulnerability published

JSON
.