CVE-2025-54454
Samsung Electronics · MagicINFO 9 Server
A hard-coded credentials vulnerability in Samsung MagicINFO 9 Server allows unauthenticated attackers to bypass authentication mechanisms.
Executive summary
Samsung MagicINFO 9 Server contains a critical hard-coded credentials vulnerability that permits unauthorized attackers to bypass authentication and gain system access.
Vulnerability
This vulnerability involves the use of hard-coded credentials within the MagicINFO 9 Server, which allows an unauthenticated remote attacker to bypass authentication controls and gain unauthorized access to the application.
Business impact
The presence of hard-coded credentials presents a severe security risk, as it allows attackers to gain full administrative or user-level access without valid credentials. Given the CVSS score of 9.1, this vulnerability poses a critical threat to data confidentiality, integrity, and availability, potentially leading to total system compromise and unauthorized data exfiltration.
Remediation
Immediate Action: Upgrade Samsung MagicINFO 9 Server to version 21.1080.0 or later without delay; the patched release removes the hard-coded credentials.
Proactive Monitoring: Review authentication logs for anomalous login patterns, in particular successful logins originating from unauthorized or unexpected IP addresses.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to detect and block suspicious traffic patterns targeting the management interface of the server.
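The "Proactive Monitoring" step above can be turned into a repeatable check. The script below is an added example written for this advisory; it is not Samsung code and does not know the real MagicINFO 9 Server log format. The log lines, their layout, and the trusted network 10.20.0.0/24 are constructed assumptions that would need to be adapted to the actual server logs. It flags every successful login whose source address lies outside the expected networks and records how many failed attempts that source made earlier in the log, so a failure burst followed by a success is visible at a glance.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample log lines for this example. The layout is hypothetical;
# it is NOT the real MagicINFO 9 Server log format, which needs its own regex.
SAMPLE_LOG = """\
2025-08-01T08:02:11Z INFO auth login result=success user=admin src=10.20.0.15
2025-08-01T08:05:42Z WARN auth login result=failure user=admin src=198.51.100.23
2025-08-01T08:05:44Z WARN auth login result=failure user=admin src=198.51.100.23
2025-08-01T08:05:47Z INFO auth login result=success user=admin src=198.51.100.23
2025-08-01T09:17:03Z INFO auth login result=success user=operator src=10.20.0.31
2025-08-01T23:41:09Z INFO auth login result=success user=admin src=203.0.113.77
"""

# Assumed: the networks from which logins to the management interface are expected.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/24")]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \w+ auth login result=(?P<result>success|failure) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_line(line):
    """Return a dict for a login event, or None for lines that are not login events."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def is_trusted(src, trusted_nets=TRUSTED_NETS):
    """True when the source address falls inside one of the expected networks."""
    try:
        ip = ipaddress.ip_address(src)
    except ValueError:
        return False  # an unparseable source is treated as untrusted
    return any(ip in net for net in trusted_nets)


def find_suspicious_logins(log_text, trusted_nets=TRUSTED_NETS):
    """Flag successful logins from outside the trusted networks.

    Each finding carries the number of failed attempts the same source made
    earlier in the log, so a failure burst followed by a success stands out
    from a lone successful login from an unexpected address.
    """
    failures = Counter()
    findings = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        if ev["result"] == "failure":
            failures[ev["src"]] += 1
            continue
        if not is_trusted(ev["src"], trusted_nets):
            findings.append({
                "ts": ev["ts"],
                "user": ev["user"],
                "src": ev["src"],
                "prior_failures": failures[ev["src"]],
            })
    return findings


if __name__ == "__main__":
    for f in find_suspicious_logins(SAMPLE_LOG):
        print(f"{f['ts']} {f['user']} from {f['src']} "
              f"(prior failures from this source: {f['prior_failures']})")
```

Run against the constructed sample, the check reports the 08:05:47 admin login from 198.51.100.23 (two failures before it) and the 23:41:09 admin login from 203.0.113.77; the two logins from 10.20.0.0/24 are left alone. In practice the regex and the trusted networks are the two things to replace with values taken from the real deployment.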
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
The reliance on hard-coded credentials represents a significant security oversight. Organizations utilizing Samsung MagicINFO 9 Server should prioritize the update to the patched version 21.1080.0 immediately to mitigate the risk of unauthorized system access.