CVE-2025-41438

Consilium Safety CS5000 Fire Panel Initialization of a Resource with an Insecure Default

Description

The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unchanged on every installed system observed. This account is not root but holds high-level permissions that could severely impact the device's operation if exploited.

Remediation

Solution:

  • Users wanting enhanced security features are advised to upgrade to Consilium Safety's newer line of fire panels. Specifically, products manufactured after July 1, 2024, incorporate more secure-by-design principles. More product safety information can be found on Consilium Safety's support webpage: https://www.consiliumsafety.com/en/support/

Workaround:

  • Consilium Safety is aware of these vulnerabilities. Currently, no fixes are planned for the CS5000 Fire Panel. Users wanting enhanced security features are advised to upgrade to Consilium Safety's newer line of fire panels. Specifically, products manufactured after July 1, 2024, incorporate more secure-by-design principles. Users of the CS5000 Fire Panel are recommended to implement compensating countermeasures, such as physical security and access control restrictions for dedicated personnel. More product safety information can be found on Consilium Safety's support webpage: https://www.consiliumsafety.com/en/support/

Category

CVSS: 9.3
Severity: Critical
EPSS: 0.04%
Affected: Consilium Safety CS5000 Fire Panel
Frequently Asked Questions

What is the severity of CVE-2025-41438?
CVE-2025-41438 has been scored as a critical severity vulnerability.
How to fix CVE-2025-41438?
To fix CVE-2025-41438: Users wanting enhanced security features are advised to upgrade to Consilium Safety's newer line of fire panels. Specifically, products manufactured after July 1, 2024, incorporate more secure-by-design principles. More product safety information can be found on Consilium Safety's support webpage: https://www.consiliumsafety.com/en/support/
Is CVE-2025-41438 being actively exploited in the wild?
As of now, there is no information to confirm that CVE-2025-41438 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-41438?
CVE-2025-41438 affects Consilium Safety CS5000 Fire Panel.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.