CVE-2025-1960

Published Mar 12, 2025

Last updated 22 days ago

CVSS critical 9.8

Overview

Description
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interface.
Source
cybersecurity@se.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

cybersecurity@se.com
CWE-1188

Social media

Hype score
Not currently trending

  1. [CVE-2025-1960: CRITICAL] Vulnerability alert: CWE-1188 exposes systems with default insecure credentials, enabling unauthorized access. Take action to secure against potential cyber attacks.#cybersecurity,#vulnerability https://t.co/ZEChL5vBxM https://t.co/Wri85Rlq6B

    @CveFindCom

    12 Mar 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References