CVE-2025-35042

216.73.217.22

· Published 22/09/2025 16:15 · Modified 22/09/2025 21:22

Labels: CVE-2025-35042 2025-09-22 9119a7d8-5eab-497f-8521-727c672e3725 CVE-2025-35042 CWE-1392

Essential information

Published: 22/09/2025 16:15
Modified: 22/09/2025 21:22
Author: —
Creator: —
CVSS: 9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.21, and 11.1.9.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 9119a7d8-5eab-497f-8521-727c672e3725
NVD: View on NVD

Affected products (CPE)

Product	CPE
airship / airship ai acropolis	`cpe:2.3:a:airship:airship_ai_acropolis:10.2.35:::::::*`
airship / airship ai acropolis	`cpe:2.3:a:airship:airship_ai_acropolis:11.0.21:::::::*`
airship / airship ai acropolis	`cpe:2.3:a:airship:airship_ai_acropolis:11.1.9:::::::*`