CVE-2025-46352

216.73.216.6

· Published 30/05/2025 00:15 · Modified 30/05/2025 16:31

Labels: CVE-2025-46352 2025-05-30 CVE-2025-46352 CWE-798 [email protected]

Essential information

Published: 30/05/2025 00:15
Modified: 30/05/2025 16:31
Author: —
Creator: —
CVSS: 9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password cannot be altered, allowing anyone with knowledge of it to gain remote access to the panel. Such access could enable an attacker to operate the panel remotely, potentially putting the fire panel into a non-functional state and causing serious safety issues.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
cs5000 / cs5000 fire panel	`cpe:2.3:a:cs5000:cs5000_fire_panel::::::::`
vnc / vnc server	`cpe:2.3:a:vnc:vnc_server::::::::`