CVE-2025-14751
Published 2026-01-22
Priority P3 · 57 · high · 8.7 · CVSS 4.0
Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS: 0.36% (27.5th percentile)
A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| weintek | cmt-ctrl01 | >= 20230308 < 20250827 | 20250827 |
| weintek | cmt-svrx-820 | >= 20220413 < 20240919 | 20240919 |
| weintek | cmt3072xh | >= 20200630 < 20241112 | 20241112 |
GHSA
GHSA-g494-r69f-j7vq
ghsa_unreviewed·2026-01-23
CVE-2025-14751 [HIGH] CWE-620: A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation.
CISA ICS
Weintek cMT X Series HMI EasyWeb Service
cisa_ics·2026-01-22·CVSS 8.7
[HIGH] Weintek cMT X Series HMI EasyWeb Service
ICS Advisory
## Weintek cMT X Series HMI EasyWeb Service
Release Date: January 22, 2026
Alert Code: ICSA-26-022-05
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## Summary
Successful exploitation of these vulnerabilities could allow a low-level user to alter privileges and gain full control of the device.
The following versions of Weintek cMT X Series HMI EasyWeb Service are affected:
- cMT3072XH (CVE-2025-14750, CVE-2025-14751)
- cMT3072XH(T) (CVE-2025-14750, CVE-2025-14751)
- cMT-SVRX-820 (CVE-2025-14750, CVE-2025-14751)
- cMT-CTRL01 (CVE-2025-14750, CVE-2025-14751)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 8.3 | Weintek | Weintek cMT X Series HMI EasyWeb Service | External Control of Assumed-Immutable W |