Remote Access Vulnerability in CS5000 Fire Panel by Vendor
CVE-2025-46352

9.3CRITICAL

Key Information:

Vendor

Consilium Safety

Status
Cs5000 Fire Panel
Vendor
CVE Published:
30 May 2025

Badges

๐Ÿ“ฐ News Worthy

What is CVE-2025-46352?

The CS5000 Fire Panel possesses a significant vulnerability originating from a hard-coded password embedded in its binary, which governs the VNC server functionality. This password's fixed nature prevents any alterations, granting potential attackers the ability to establish remote access effortlessly. Such unauthorized access could undermine the fire safety of the facility by allowing intruders to manipulate or disable the fire panel, leading to severe safety risks for occupants and property.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CS5000 Fire Panel All versions

News Articles

Critical Bugs Open Fire Safety OT/ICS Platform to Takeover

The unpatched security vulnerabilities in Consilium Safety's CS5000 Fire Panel could create "serious safety issues" in environments where fire suppression and safety are paramount, according to a CISA advisory.

favicon imageGBHackers News

Severe Vulnerabilities in Consilium CS5000 Fire Panels Allow Remote System Takeover

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued alert ICSA-25-148-03 on May 29, 2025.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-1...
https://www.consiliumsafety.com/en/support/

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐Ÿ“ฐ

    First article discovered by GBHackers News

  • Vulnerability published

JSON
.