CVE-2025-1393
Published 2025-03-05
An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.
Priority P265 · critical · 9.8 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS 0.54% (41.5th percentile)
Affected (10 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | neuvector_neuvector | >= 5.0.0 < 5.4.6 | 5.4.6 |
| msrc | azl3_xorg-x11-server_1.20.10-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_xorg-x11-server_1.20.10-5_on_azure_linux_3.0 | — | — |
| msrc | azl3_xorg-x11-server_1.20.10-6_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_xorg-x11-server_1.20.10-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| weidmueller | procon-win | < 5.7.14.1 | 5.7.14.1 |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| vendor_msrc | 7.8 | HIGH | — |
GHSA · 2025-09-15
CVE-2025-43799 [MEDIUM] CWE-1393: Liferay Portal Uses Default Password
Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35, and older unsupported versions do not limit access to APIs before a user has changed their initial password, which allows remote users to access and edit content via the API.
GHSA · 2025-08-28
CVE-2025-8077 [CRITICAL] CWE-1393: NeuVector admin account has insecure default password
### Impact
A vulnerability exists in NeuVector versions up to and including **5.4.5**, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs.
In earlier versions, NeuVector supports setting the default (bootstrap) password for the `admin` account using a Kubernetes Secret named `neuvector-bootstrap-secret`. This Secret must contain a key named `bootstrapPassword`. However, if NeuVector fails to retrieve this value, it falls back to the fixed default p
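The advisory above describes the failure mode exactly: if the `neuvector-bootstrap-secret` Secret cannot be read, or its `bootstrapPassword` key is missing, the fixed default is used. The following is an added pre-deployment check, not NeuVector's own code, that inspects a Secret manifest before it is applied and reports the conditions that would trigger that fallback. The Secret and key names come from the advisory; the sample manifests, the minimum length policy and the `check_bootstrap_secret` helper are constructed for this illustration.

```python
import base64

# Names taken from the advisory text; NeuVector looks up this Secret and key.
SECRET_NAME = "neuvector-bootstrap-secret"
SECRET_KEY = "bootstrapPassword"
# Assumed local policy for this example, not a NeuVector requirement.
MIN_LENGTH = 12


def check_bootstrap_secret(manifest: dict) -> list[str]:
    """Return findings for a Kubernetes Secret manifest (dict).

    An empty list means the Secret would supply a usable bootstrap password;
    any finding means NeuVector (per the advisory) would fall back to its
    fixed default, or the supplied value is too weak to rely on.
    """
    findings: list[str] = []
    if manifest.get("kind") != "Secret":
        return ["manifest is not a Secret"]

    name = manifest.get("metadata", {}).get("name")
    if name != SECRET_NAME:
        findings.append(f"secret is named {name!r}, expected {SECRET_NAME!r}: lookup would fail")

    # stringData holds plaintext; data holds base64. Either may carry the key.
    string_data = manifest.get("stringData") or {}
    data = manifest.get("data") or {}
    if SECRET_KEY in string_data:
        value = str(string_data[SECRET_KEY])
    elif SECRET_KEY in data:
        try:
            value = base64.b64decode(str(data[SECRET_KEY]), validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            findings.append(f"{SECRET_KEY} is not valid base64/UTF-8")
            return findings
    else:
        findings.append(f"key {SECRET_KEY!r} missing: fixed default password would be used")
        return findings

    if not value.strip():
        findings.append(f"{SECRET_KEY} is empty")
    elif len(value) < MIN_LENGTH:
        findings.append(f"{SECRET_KEY} is shorter than {MIN_LENGTH} characters")
    return findings


# Constructed sample manifests for demonstration.
GOOD_SECRET = {
    "kind": "Secret",
    "metadata": {"name": SECRET_NAME, "namespace": "neuvector"},
    "type": "Opaque",
    "data": {SECRET_KEY: base64.b64encode(b"Tr0ub4dor&3-rotated-2025").decode()},
}
# Typo in the key name: a common way the lookup silently fails.
MISSING_KEY_SECRET = {
    "kind": "Secret",
    "metadata": {"name": SECRET_NAME},
    "data": {"bootstrap_password": base64.b64encode(b"irrelevant").decode()},
}
EMPTY_SECRET = {
    "kind": "Secret",
    "metadata": {"name": SECRET_NAME},
    "stringData": {SECRET_KEY: "   "},
}


def run_samples() -> dict[str, list[str]]:
    """Check each constructed sample and return the findings keyed by name."""
    return {
        "good": check_bootstrap_secret(GOOD_SECRET),
        "missing_key": check_bootstrap_secret(MISSING_KEY_SECRET),
        "empty": check_bootstrap_secret(EMPTY_SECRET),
    }


if __name__ == "__main__":
    for label, result in run_samples().items():
        print(label, "->", result or "OK")
```

Run it against the rendered manifest (for example, the output of a Helm template or `kubectl get secret -o json`) as a gate in the deployment pipeline; any non-empty finding means the cluster would come up with the built-in admin password the advisory warns about, and the admin password should in any case be rotated immediately after first login.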
GHSA (unreviewed) · 2025-03-05
CVE-2025-1393 [CRITICAL] CWE-798 GHSA-mv7q-mm4h-856r: An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product
Microsoft (vendor_msrc) · 2023-03-14 · CVSS 7.8
CVE-2023-1393 [HIGH] CWE-416: X.Org Server Overlay Window use-after-free
A flaw was found in X.Org Server Overlay Window. A use-after-free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. S
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published 2025-03-05