CVE-2025-7741

NONE

Published:Mar 30, 2026(Today)

Modified:Mar 30, 2026

AI Explanation

A hardcoded password vulnerability exists in CENTUM products, allowing an attacker to log in as the PROG user if they have access to the HIS screen controls and obtain the hardcoded password. This vulnerability is considered low-risk due to default permission controls, but exploitation could lead to unauthorized operations or configuration changes. Developers should prioritize updating or modifying the affected products to remove the hardcoded password.

Organizations using affected CENTUM products with default permissions are at low risk of unauthorized operations or configuration changes, but those with modified permissions are at higher risk of exploitation.

How to Fix

1Update CENTUM products to a version outside the affected range (R5.01.00 to R5.04.20, R6.01.00 to R6.12.00, and R7.01.00). 2. Modify the PROG user's permissions to restrict access to critical operations and configuration changes. 3. Implement additional security measures to prevent unauthorized access to the HIS screen controls.

References

CVSS Score

v3.1

N/A/ 10.0

NONE

At a Glance

Affected Products

References

CVE-2025-7741

✦ AI Explanation

How to Fix

References

CVSS Score

At a Glance

AI Explanation