CVE-2025-41438
Published 2025-05-30
CVE-2025-41438: The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it…
Priority: P358 · critical · 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.69% (48.2th percentile)
The CS5000 Fire Panel is vulnerable due to a default account that exists
on the panel. Even though it is possible to change this by SSHing into
the device, it has remained unchanged on every installed system
observed. This account is not root but holds high-level permissions that
could severely impact the device's operation if exploited.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| consilium_safety | cs5000_fire_panel | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 9.3 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
GHSA
GHSA-85xp-66c9-65fx: The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel
ghsa_unreviewed · 2025-05-30
CVE-2025-41438 [CRITICAL] CWE-1188 GHSA-85xp-66c9-65fx: The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel
CISA ICS
Consilium Safety CS5000 Fire Panel (Update A)
cisa_ics · 2025-12-04 · CVSS 9.8
[CRITICAL] Consilium Safety CS5000 Fire Panel (Update A)
ICS Advisory
## Consilium Safety CS5000 Fire Panel (Update A)
Last Revised: December 04, 2025
Alert Code: ICSA-25-148-03
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.6
- ATTENTION: Low attack complexity
- Vendor: Consilium Safety
- Equipment: CS5000 Fire Panel
- Vulnerabilities: Initialization of a Resource with an Insecure Default, Use of Hard-coded Credentials
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to gain high-level access to and remotely operate the device, potentially putting it into a non-functional state.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Consilium Safety product is affected:
-
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2025-05-30