216.73.216.133

CVE-2025-53963

· Published 04/12/2025 15:15 · Modified 16/12/2025 21:01

Labels: CVE-2025-53963 2025-12-04CVE-2025-53963CWE-521[email protected]

Essential information

Published
04/12/2025 15:15
Modified
16/12/2025 21:01
Author
Creator
CVSS
9.8 CRITICAL (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with network connectivity can achieve root code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
thermofisher / ion torrent onetouch 2 firmware cpe:2.3:o:thermofisher:ion_torrent_onetouch_2_firmware:-:*:*:*:*:*:*:*
thermofisher / ion torrent onetouch 2 cpe:2.3:h:thermofisher:ion_torrent_onetouch_2:-:*:*:*:*:*:*:*

References