CVE-2025-28389
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-06-13
Last updated on: 2025-06-17
Assigner: MITRE
Description
Description
Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openc3 | cosmos | 6.0.0 |
| openc3 | cosmos | 6.0.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-521 | The product does not require that users should have strong passwords. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
An attacker could gain unauthorized access to the system by exploiting weak password policies, potentially leading to compromised data, unauthorized actions, or control over the affected system.
Can you explain this vulnerability to me?
This vulnerability is due to weak password requirements in OpenC3 COSMOS v6.0.0, which allows attackers to bypass authentication by using brute force attacks to guess passwords.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70