Security Advisory

CVE-2025-41438

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-29 23:17:18
Last updated 2025-05-30 12:50:16
Assigner icscert
State PUBLISHED

Description

The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely impact the devices operation if exploited.