CVE-2025-30183 identifies a security vulnerability in the CyberData 011209 SIP Emergency Intercom device, specifically related to improper storage and protection of the web server administrator credentials. The vulnerability is classified under CWE-522, which pertains to insufficiently protected credentials. In this case, the device's web interface, which is used for administrative access and configuration, does not adequately safeguard the admin credentials, potentially allowing an attacker to retrieve or intercept them. The CVSS 3.1 base score is 7.5, indicating a high severity level. The vector string (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) reveals that the vulnerability can be exploited remotely over the network without any privileges or user interaction, and it impacts confidentiality with a high impact, but does not affect integrity or availability. This means an attacker can remotely obtain sensitive admin credentials without authentication or user involvement, leading to unauthorized access to the device's administrative functions. The affected product is the CyberData 011209 SIP Emergency Intercom, a device typically used in critical communication environments such as emergency notification systems, public safety, and building security. The lack of proper credential protection could allow attackers to gain control over the intercom system, potentially disrupting emergency communications or manipulating alerts. No patches or known exploits in the wild are currently reported, but the vulnerability's nature and ease of exploitation make it a significant risk if left unmitigated.

For European organizations, especially those in public safety, healthcare, transportation, and critical infrastructure sectors, this vulnerability poses a substantial risk. The CyberData 011209 SIP Emergency Intercom is likely deployed in facilities requiring reliable emergency communication systems. Unauthorized access to the device's admin interface could allow attackers to intercept or manipulate emergency announcements, disable alarms, or cause misinformation during critical incidents, potentially endangering lives and property. Confidentiality compromise of admin credentials could also lead to lateral movement within networks if these devices are connected to broader enterprise systems. Given the device's role in safety-critical environments, the impact extends beyond data loss to physical safety risks and regulatory compliance issues under European laws such as NIS2 and GDPR if personal data or safety is compromised.

To mitigate this vulnerability, European organizations should immediately assess their deployment of CyberData 011209 SIP Emergency Intercom devices. Specific recommendations include: 1) Isolate the intercom devices on segmented, secured network zones with strict access controls to limit exposure to untrusted networks. 2) Implement network-level protections such as firewalls and intrusion detection systems to monitor and restrict access to the device's web interface. 3) If possible, disable web administration interfaces or restrict them to trusted IP addresses only. 4) Change default credentials and use strong, unique passwords for admin accounts, even though the vulnerability relates to credential storage, this reduces risk from other attack vectors. 5) Monitor vendor communications closely for patches or firmware updates addressing this vulnerability and apply them promptly once available. 6) Conduct regular security audits and penetration testing focused on these devices to detect unauthorized access attempts. 7) Consider deploying compensating controls such as VPN access for administrative functions to add an additional authentication layer. 8) Document and train relevant personnel on the risks and response procedures related to this vulnerability.