The CS5000 Fire Panel is vulnerable due to a hard-coded password that
runs on a VNC server and is visible as a string in the binary
responsible for running VNC. This password cannot be altered, allowing
anyone with knowledge of it to gain remote access to the panel. Such
access could enable an attacker to operate the panel remotely,
potentially putting the fire panel into a non-functional state and
causing serious safety issues.
Metrics
Affected Vendors & Products
References
History
Fri, 30 May 2025 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 29 May 2025 23:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password cannot be altered, allowing anyone with knowledge of it to gain remote access to the panel. Such access could enable an attacker to operate the panel remotely, potentially putting the fire panel into a non-functional state and causing serious safety issues. | |
Title | Consilium Safety CS5000 Fire Panel Use of Hard-coded Credentials | |
Weaknesses | CWE-798 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: icscert
Published: 2025-05-29T23:18:33.934Z
Updated: 2025-05-30T12:49:31.802Z
Reserved: 2025-05-15T21:07:17.955Z
Link: CVE-2025-46352

Updated: 2025-05-30T12:49:27.331Z

Status : Awaiting Analysis
Published: 2025-05-30T00:15:23.170
Modified: 2025-05-30T16:31:03.107
Link: CVE-2025-46352

No data.