CVE-2025-55051 is a critical security vulnerability identified in multiple Baicells products, including NOVA430e/430i, NOVA436Q, NEUTRINO430, and NOVA846. The vulnerability is classified under CWE-1392, which pertains to the use of default credentials. Specifically, affected versions BaiBLQ_3.0.12 and older, as well as BaiBU_DNB4_2.4.9 and older, ship with default usernames and passwords that are not changed or enforced to be changed upon deployment. This flaw allows an unauthenticated attacker to remotely access the affected devices over the network without any user interaction or prior authentication. The CVSS v3.1 base score is 10.0, indicating a critical severity level with the vector AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. This means the attack can be performed remotely over the network with low attack complexity, no privileges or user interaction required, and it impacts confidentiality, integrity, and availability with a scope change (compromise of the device can affect other components or systems). The vulnerability enables full control over the affected devices, allowing attackers to exfiltrate sensitive data, modify configurations, disrupt network services, or use the compromised devices as pivot points for further attacks. Although no known exploits are reported in the wild yet, the ease of exploitation and critical impact make this a high-risk issue. The lack of available patches at the time of publication further exacerbates the risk, necessitating immediate mitigation efforts by affected organizations.

For European organizations, this vulnerability poses a significant threat, especially those relying on Baicells networking equipment for critical communication infrastructure. The affected devices are often deployed in wireless broadband and LTE/5G network environments, which are integral to enterprise connectivity, industrial IoT, and public safety communications. Exploitation could lead to unauthorized access to network management interfaces, enabling attackers to intercept or manipulate sensitive communications, degrade network performance, or cause complete service outages. This can disrupt business operations, compromise data privacy in compliance with GDPR, and potentially impact critical infrastructure sectors such as telecommunications, utilities, and transportation. The scope of impact extends beyond individual devices, as compromised units could serve as entry points for lateral movement within organizational networks, increasing the risk of broader cyberattacks. Given the criticality of the vulnerability and the widespread use of these products in Europe, the threat could have severe operational and reputational consequences.

Immediate mitigation steps include: 1) Conducting an inventory of all Baicells devices in use to identify affected versions. 2) Changing all default credentials on these devices to strong, unique passwords immediately upon deployment or discovery. 3) Implementing network segmentation to isolate Baicells devices from critical network segments and restrict management interface access to trusted administrators only. 4) Enabling multi-factor authentication (MFA) if supported by the device firmware or management platform. 5) Monitoring network traffic and device logs for unusual access patterns or unauthorized login attempts. 6) Applying any available firmware updates or patches from Baicells as soon as they are released. 7) If patches are not yet available, consider temporary compensating controls such as disabling remote management interfaces or restricting access via firewall rules. 8) Educating network administrators about the risks of default credentials and enforcing strict credential management policies. These steps go beyond generic advice by focusing on immediate credential changes, network-level protections, and proactive monitoring tailored to the affected products and their deployment context.