CVE-2025-26793: CWE-1393 Use of Default Password in Hirsch Enterphone MESH
CVE-2025-26793 is a critical vulnerability in Hirsch Enterphone MESH devices where the web GUI configuration panel ships with default credentials (username: freedom, password: viscount). Administrators are not prompted to change these credentials during initial setup, and changing them is complex. This allows attackers to access the management interface remotely via mesh. webadmin. MESHAdminServlet, potentially compromising personal information of residents in affected apartment buildings in Canada and the U. S. The vendor states that affected systems are not following recommended practices to change default passwords.
AI Analysis
Technical Summary
Hirsch Enterphone MESH devices up to 2024 have a default credential issue (username 'freedom', password 'viscount') in their web GUI configuration panel. The lack of enforced credential change on initial configuration and the complicated process to update credentials enable remote attackers to access the administrative interface over the Internet. This access can lead to unauthorized retrieval of personally identifiable information (PII) of building residents. The vulnerability is identified as CWE-1393 (Use of Default Password) and has a CVSS 4.0 score of 10.0, indicating critical severity. No official patch or remediation guidance is currently provided by the vendor, who emphasizes that the root cause is failure to follow password change recommendations.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to gain administrative access to Hirsch Enterphone MESH devices, potentially compromising the privacy and security of residents by exposing their PII. The vulnerability affects multiple apartment buildings in Canada and the U.S. The CVSS score of 10.0 reflects the ease of exploitation and high impact on confidentiality and integrity. There are no known exploits in the wild at this time.
Mitigation Recommendations
No official patch or fix is currently available. The vendor advises that affected systems must follow manufacturer recommendations to change default credentials immediately. Administrators should prioritize changing the default username and password despite the complexity of the process. Network-level controls such as restricting access to the management interface from untrusted networks can also reduce exposure.
Affected Countries
Canada, United States
CVE-2025-26793: CWE-1393 Use of Default Password in Hirsch Enterphone MESH
Description
CVE-2025-26793 is a critical vulnerability in Hirsch Enterphone MESH devices where the web GUI configuration panel ships with default credentials (username: freedom, password: viscount). Administrators are not prompted to change these credentials during initial setup, and changing them is complex. This allows attackers to access the management interface remotely via mesh. webadmin. MESHAdminServlet, potentially compromising personal information of residents in affected apartment buildings in Canada and the U. S. The vendor states that affected systems are not following recommended practices to change default passwords.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Hirsch Enterphone MESH devices up to 2024 have a default credential issue (username 'freedom', password 'viscount') in their web GUI configuration panel. The lack of enforced credential change on initial configuration and the complicated process to update credentials enable remote attackers to access the administrative interface over the Internet. This access can lead to unauthorized retrieval of personally identifiable information (PII) of building residents. The vulnerability is identified as CWE-1393 (Use of Default Password) and has a CVSS 4.0 score of 10.0, indicating critical severity. No official patch or remediation guidance is currently provided by the vendor, who emphasizes that the root cause is failure to follow password change recommendations.
Potential Impact
Successful exploitation allows unauthenticated remote attackers to gain administrative access to Hirsch Enterphone MESH devices, potentially compromising the privacy and security of residents by exposing their PII. The vulnerability affects multiple apartment buildings in Canada and the U.S. The CVSS score of 10.0 reflects the ease of exploitation and high impact on confidentiality and integrity. There are no known exploits in the wild at this time.
Mitigation Recommendations
No official patch or fix is currently available. The vendor advises that affected systems must follow manufacturer recommendations to change default credentials immediately. Administrators should prioritize changing the default username and password despite the complexity of the process. Network-level controls such as restricting access to the management interface from untrusted networks can also reduce exposure.
Affected Countries
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2025-02-14T00:00:00.000Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
- Gcve Source
- db.gcve.eu
- Epss Score
- 0.27209
- Epss Percentile
- 0.96405
- Epss Date
- 2026-04-26
Threat ID: 69ee6bb668edb0b8f2495f2b
Added to database: 4/26/2026, 7:47:02 PM
Last enriched: 4/26/2026, 8:01:09 PM
Last updated: 4/26/2026, 10:44:46 PM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.