CVE-2025-54454

Samsung Electronics · MagicINFO 9 Server

A hard-coded credentials vulnerability in Samsung MagicINFO 9 Server allows unauthenticated attackers to bypass authentication mechanisms.

Executive summary

Samsung MagicINFO 9 Server contains a critical hard-coded credentials vulnerability that permits unauthorized attackers to bypass authentication and gain system access.

Vulnerability

The MagicINFO 9 Server ships with a credential fixed inside the application itself rather than set by the operator at install time. Because the value is identical on every installation and cannot be rotated or revoked through normal administration, anyone who learns it can present it to the server's login interface over the network and be accepted as an authenticated user, with no account ever issued by the operator. This is why the flaw is classed as an authentication bypass reachable by an unauthenticated remote attacker.

Business impact

Hard-coded credentials are a severe risk because the secret is the same on every deployment and the operator has no way to change it; once the value is known, every unpatched server whose login interface is reachable is open. The advisory assigns a CVSS score of 9.1, which falls in the Critical band, reflecting a high impact on data confidentiality, integrity, and availability, up to compromise of the server and exfiltration of the data it holds. The exact privilege level an attacker obtains depends on the account the hard-coded credential maps to, which this page does not state; plan for the worst case.

Remediation

Immediate Action: Upgrade Samsung MagicINFO 9 Server to version 21.1080.0 or later, the release that removes the hard-coded credentials. Confirm the running version after the upgrade, and treat accounts, sessions and content changes made while the vulnerable version was deployed as potentially attacker-influenced, since the credentials may already have been used.

Proactive Monitoring: Review authentication logs for successful logins from IP addresses outside the ranges your administrators actually use, for logins at unusual hours, and for runs of failed attempts followed by a success from the same source. On a server that was running a version earlier than 21.1080.0, any such event should be handled as a possible compromise rather than dismissed as noise.

Compensating Controls: Until the upgrade is applied, restrict network access to the management interface to trusted administrative networks or a VPN, so that the hard-coded credentials are useless to an attacker who cannot reach the login endpoint. A Web Application Firewall (WAF) can add rate limiting and block known-bad traffic patterns against the interface, but it cannot by itself tell a login using the hard-coded credentials from a legitimate one, so network restriction is the primary compensating control and the WAF is secondary.
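The two checks above (is the installed version below the fixed release, and do the authentication logs show logins from unexpected sources or a burst of failures followed by a success) as a small triage script. This is an added example, not Samsung's code or a tool from the advisory. It assumes the dotted-numeric version form shown on this page and a hypothetical log line layout (`<timestamp> login result=<success|failure> user=<name> src=<ip>`), since MagicINFO's real log format is not documented here; the allow-listed networks and the sample log lines are constructed for the example.

```python
"""Triage helper: version gating plus authentication-log review for CVE-2025-54454."""
import ipaddress
import re
from collections import defaultdict

# Release in which the vendor removed the hard-coded credentials (from the advisory).
FIXED_VERSION = (21, 1080, 0)


def parse_version(version: str) -> tuple:
    """'21.1080.0' -> (21, 1080, 0). Assumes the dotted-numeric form quoted in the advisory."""
    return tuple(int(part) for part in version.strip().split("."))


def is_vulnerable(version: str) -> bool:
    """True when the installed server version predates the fixed release."""
    return parse_version(version) < FIXED_VERSION


# Hypothetical log line layout (assumption: NOT MagicINFO's real format).
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+login\s+result=(?P<result>success|failure)"
    r"\s+user=(?P<user>\S+)\s+src=(?P<src>\S+)$"
)

# Networks from which administrative logins are expected (assumption; adapt to your site).
ALLOWED_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.50.0/24"),
]


def parse_log(lines):
    """Return the parsed login events; lines that do not match the layout are skipped."""
    events = []
    for line in lines:
        match = LOG_RE.match(line.strip())
        if match:
            events.append(match.groupdict())
    return events


def from_allowed_net(src: str) -> bool:
    """True when src is an IP address inside one of the expected administrative networks."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparsable source is treated as unexpected
    return any(addr in net for net in ALLOWED_NETS)


def find_suspicious_logins(lines, failure_threshold: int = 3):
    """Flag successful logins from outside the allow-list, and successes preceded by
    at least failure_threshold failures from the same source (guessing, then success).
    Failure counters reset on success so each burst is reported once."""
    findings = []
    failures = defaultdict(int)
    for event in parse_log(lines):
        src = event["src"]
        if event["result"] == "failure":
            failures[src] += 1
            continue
        reasons = []
        if not from_allowed_net(src):
            reasons.append("source outside allow-list")
        if failures[src] >= failure_threshold:
            reasons.append(f"{failures[src]} failures before success")
        failures[src] = 0
        if reasons:
            findings.append(
                {"ts": event["ts"], "user": event["user"], "src": src, "reasons": reasons}
            )
    return findings


# Constructed sample log, not real MagicINFO output.
SAMPLE_LOG = [
    "2025-08-01T08:00:01Z login result=success user=ops src=10.20.30.40",
    "2025-08-01T08:05:12Z login result=failure user=admin src=203.0.113.45",
    "2025-08-01T08:05:13Z login result=failure user=admin src=203.0.113.45",
    "2025-08-01T08:05:14Z login result=failure user=admin src=203.0.113.45",
    "2025-08-01T08:05:15Z login result=success user=admin src=203.0.113.45",
    "2025-08-01T09:10:00Z login result=success user=svc src=198.51.100.7",
    "2025-08-01T09:11:00Z heartbeat ok",
]

if __name__ == "__main__":
    for ver in ("21.1070.5", "21.1080.0"):
        print(ver, "vulnerable" if is_vulnerable(ver) else "patched")
    for finding in find_suspicious_logins(SAMPLE_LOG):
        print(finding["ts"], finding["user"], finding["src"], "; ".join(finding["reasons"]))
```

Run it against an exported authentication log after replacing ALLOWED_NETS and LOG_RE with values that match your environment and the server's actual log layout; every finding on a host that was below 21.1080.0 deserves a full incident review, not just a password reset, because the credential involved was never one your operators controlled.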

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Hard-coded credentials are a design-level failure: no operator action short of patching can rotate or revoke them. Organizations running Samsung MagicINFO 9 Server should treat the upgrade to 21.1080.0 as an emergency change, limit network exposure of the management interface until it is applied, and verify from authentication logs that no unauthorized access occurred while the vulnerable version was deployed.