CVE-2025-26410
📋 TL;DR
All Wattsense Bridge devices contain hard-coded credentials in their firmware, allowing attackers to gain root access via the serial interface. This affects all devices running firmware versions below BSP 6.4.1. The vulnerability enables complete device compromise and potential network infiltration.
💻 Affected Systems
- Wattsense Bridge devices
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Full device takeover leading to industrial control system compromise, data exfiltration, or use as pivot point into critical infrastructure networks.
Likely Case
Unauthorized access to device configuration, firmware modification, credential harvesting, and lateral movement within the network.
If Mitigated
Limited to serial port physical access attempts if network interfaces are properly secured and monitored.
🎯 Exploit Status
Credentials can be recovered via password cracking. Serial port access required, which may involve physical access or exposed debug interfaces.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: BSP 6.4.1 and later
Vendor Advisory: https://support.wattsense.com/hc/en-150/articles/13366066529437-Release-Notes
Restart Required: Yes
Instructions:
1. Download the latest firmware from the Wattsense support portal.
2. Upload the firmware via the device management interface.
3. Apply the update and restart the device.
4. Verify that the firmware version shows BSP >= 6.4.1.
🔧 Temporary Workarounds
Disable Serial Interface
Physically disable or secure serial port access to prevent use of the hard-coded credentials
Network Segmentation
Isolate Wattsense devices in a separate VLAN with strict access controls
🧯 If You Can't Patch
- Physically secure devices to prevent serial port access
- Implement strict network segmentation and monitor for unauthorized access attempts
🔍 How to Verify
Check if Vulnerable:
Check firmware version via device web interface or serial console. Versions below BSP 6.4.1 are vulnerable.
Check Version:
Serial console command: 'cat /etc/version', or check the web admin interface
Verify Fix Applied:
Confirm firmware version shows BSP 6.4.1 or higher in device management interface.
📡 Detection & Monitoring
Log Indicators:
- Failed login attempts on serial interface
- Unexpected firmware version changes
- Unauthorized configuration modifications
Network Indicators:
- Unexpected serial port traffic
- Unauthorized SSH/Telnet connections from device
SIEM Query:
source="wattsense" AND (event_type="authentication_failure" OR event_type="firmware_update")
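The version check from "How to Verify" and the SIEM query above, combined into one triage script. This is an added example, not vendor or NVD code; the `cat /etc/version` output format, the key=value event shape and the `device`, `iface` and `version` field names are assumptions, and the sample events are constructed.

```python
import re
from typing import Optional, Tuple

# Fixed version stated in the advisory: BSP 6.4.1 and later.
FIXED_BSP = (6, 4, 1)

# Assumption: the output of `cat /etc/version` contains a dotted version,
# optionally prefixed with "BSP"; both "BSP 6.3.2" and "6.3.2" are accepted.
_VERSION_RE = re.compile(r"(?:BSP\s*)?(\d+)\.(\d+)\.(\d+)")

def parse_bsp_version(text: str) -> Optional[Tuple[int, int, int]]:
    m = _VERSION_RE.search(text)
    return tuple(int(g) for g in m.groups()) if m else None

def is_vulnerable(version_output: str) -> Optional[bool]:
    """True if the reported BSP version is below 6.4.1, None if unparseable."""
    v = parse_bsp_version(version_output)
    return None if v is None else v < FIXED_BSP

# Constructed sample events in the key=value shape the page's SIEM query
# assumes (source, event_type); the other field names are assumptions.
SAMPLE_EVENTS = [
    'source="wattsense" device="bridge-01" event_type="authentication_failure" iface="serial"',
    'source="wattsense" device="bridge-01" event_type="firmware_update" version="BSP 6.3.0"',
    'source="wattsense" device="bridge-02" event_type="firmware_update" version="BSP 6.4.1"',
    'source="switch-core" event_type="authentication_failure" iface="ssh"',
]

_KV_RE = re.compile(r'(\w+)="([^"]*)"')

def parse_event(line: str) -> dict:
    return dict(_KV_RE.findall(line))

def matches_siem_query(ev: dict) -> bool:
    # Mirrors: source="wattsense" AND (event_type="authentication_failure"
    #          OR event_type="firmware_update")
    return ev.get("source") == "wattsense" and ev.get("event_type") in (
        "authentication_failure", "firmware_update")

def triage(lines):
    """Return (device, finding) pairs: serial auth failures and unpatched firmware."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        if not matches_siem_query(ev):
            continue
        if ev["event_type"] == "firmware_update" and is_vulnerable(ev.get("version", "")):
            findings.append((ev.get("device"), "firmware below BSP 6.4.1: " + ev["version"]))
        elif ev["event_type"] == "authentication_failure":
            findings.append((ev.get("device"), "auth failure on " + ev.get("iface", "?")))
    return findings
```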