CVE-2025-7740

Default credentials vulnerability exists in SuprOS product. If exploited, this could allow an authenticated local attacker to use an admin account created during product deployment.

CVSS

No CVSS.

References

Link	Resource
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000223&LanguageCode=en&DocumentPartId=&Action=launch

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de credenciales por defecto existe en el producto SuprOS. Si se explota, esto podría permitir a un atacante local autenticado usar una cuenta de administrador creada durante el despliegue del producto.

28 Jan 2026, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-28 09:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-7740

Mitre link : CVE-2025-7740

CVE.ORG link : CVE-2025-7740

JSON object : View

Products Affected

No product.

CWE

CWE-1392

Use of Default Credentials

{"id": "CVE-2025-7740", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "cybersecurity@hitachienergy.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.8, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-01-28T09:15:48.637", "references": [{"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000223&LanguageCode=en&DocumentPartId=&Action=launch", "source": "cybersecurity@hitachienergy.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "cybersecurity@hitachienergy.com", "description": [{"lang": "en", "value": "CWE-1392"}]}], "descriptions": [{"lang": "en", "value": "Default credentials vulnerability exists in SuprOS\nproduct. If exploited, this could allow an authenticated\nlocal attacker to use an admin account created during\nproduct deployment."}, {"lang": "es", "value": "Una vulnerabilidad de credenciales por defecto existe en el producto SuprOS. Si se explota, esto podr\u00eda permitir a un atacante local autenticado usar una cuenta de administrador creada durante el despliegue del producto."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "cybersecurity@hitachienergy.com"}