CVE-2025-55051
The affected software is susceptible to a CWE-1392 vulnerability involving the use of default credentials, which may allow unauthorized access.
Executive summary
The use of default credentials in the affected product presents a critical security risk that could allow unauthorized system access.
Vulnerability
This vulnerability is categorized as CWE-1392: Use of Default Credentials. It indicates that the product is deployed with, or retains, manufacturer-supplied default passwords that an attacker can exploit for unauthorized access.
Business impact
The presence of default credentials significantly lowers the barrier for unauthorized parties to gain administrative control over the affected system. With a CVSS score of 10.0, this represents the highest level of risk, potentially leading to full data breaches, loss of system confidentiality, and total loss of control over the affected environment.
Remediation
Immediate Action: Change all default passwords for administrative and service accounts immediately and ensure unique, complex credentials are used.
Proactive Monitoring: Audit user account management logs for unauthorized login attempts or successful administrative access by unknown entities.
Compensating Controls: Restrict network access to management interfaces using firewall rules or VPNs to ensure only authorized personnel can attempt authentication.
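One way to carry out the log audit described under Proactive Monitoring, combined with the management-network restriction from Compensating Controls. This is an added example, not code from the advisory or the vendor. The log layout, the account names and the 10.20.0.0/24 management range are assumptions to be replaced with the product's real log format and your own values.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines; this key=value layout is assumed, not the product's real format.
SAMPLE_LOG = """\
2025-01-10T08:01:12Z auth result=success user=admin src=10.20.0.15
2025-01-10T09:14:40Z auth result=failure user=admin src=198.51.100.23
2025-01-10T09:14:42Z auth result=failure user=admin src=198.51.100.23
2025-01-10T09:14:45Z auth result=failure user=admin src=198.51.100.23
2025-01-10T09:14:49Z auth result=success user=admin src=198.51.100.23
2025-01-10T11:30:02Z auth result=success user=jsmith src=10.20.0.31
2025-01-10T13:05:27Z auth result=success user=service src=192.0.2.77
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth result=(?P<result>success|failure) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def audit(log_text, mgmt_nets, watched_accounts, fail_threshold=3):
    """Return (timestamp, user, src, reasons) for suspicious successful logins."""
    nets = [ipaddress.ip_network(n) for n in mgmt_nets]
    failures = Counter()  # failed attempts per (src, user) since the last success
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an authentication event
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # malformed source address
        key = (m["src"], m["user"])
        if m["result"] == "failure":
            failures[key] += 1
            continue
        reasons = []
        if m["user"] in watched_accounts and not any(src in n for n in nets):
            reasons.append("privileged login from outside management network")
        if failures[key] >= fail_threshold:
            reasons.append(f"success after {failures[key]} failed attempts")
        failures[key] = 0  # reset the streak once a login succeeds
        if reasons:
            findings.append((m["ts"], m["user"], m["src"], reasons))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_LOG, ["10.20.0.0/24"], {"admin", "service"}), sep="\n")
```

A finding for an account whose password has already been rotated still deserves review, since it shows the management interface is reachable from outside the intended network.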
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Default credentials are a primary target for automated exploitation tools. It is imperative that all administrators identify instances of this product within their environment and immediately rotate all default credentials to secure, unique values to prevent unauthorized access.