CVE-2025-35042
BaseFortify
Publication date: 2025-09-22
Last updated on: 2025-12-19
Assigner: Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| airship.ai | acropolis | Before 10.2.35 (exc) |
| airship.ai | acropolis | From 11.0.0 (inc) to 11.0.21 (exc) |
| airship.ai | acropolis | From 11.1.0 (inc) to 11.1.9 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1392 | The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality. |
AI Powered Q&A
Can you explain this vulnerability to me?
Airship AI Acropolis ships with a default administrative account whose credentials are the same on every installation (CWE-1392). If an installation keeps that password, anyone who can reach the login interface can authenticate as that account and obtain administrative privileges; no exploit beyond the known credentials is required.
How can this vulnerability impact me?
If exploited, this vulnerability allows a remote attacker to gain full administrative access to the affected Airship AI Acropolis instance. This can lead to unauthorized control over the system, potentially resulting in data breaches, system manipulation, or disruption of services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Two conditions have to hold for an instance to be exposed: it runs a version in an affected range (before 10.2.35, 11.0.0 up to but not including 11.0.21, or 11.1.0 up to but not including 11.1.9), and the default administrative account still has its shipped password. Read the installed version from the product's administrative interface or the vendor's documented upgrade records; this page does not document a command-line query for it, so do not rely on a guessed CLI flag. Then, from a host you are authorized to test from, attempt a login to the administrative interface with the default account's credentials (not reproduced on this page) and treat a successful login as a confirmed exposure. Run that probe on every instance, including ones already upgraded: do not assume that installing a fixed version rotates a password that was already set. Finally, review authentication logs for logins to the default administrative account, in particular successes from addresses outside your management network and bursts of failures from a single source.
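The triage below is an added example, not code from this page or from Airship AI. The version ranges are copied from the affected-products table above; the login probe is passed in as a callable because the Acropolis login endpoint and the real default credentials are not documented on this page, so the `admin`/`changeme` pair in the demonstration is a placeholder and the stub stands in for a live instance.

```python
"""Exposure triage for CVE-2025-35042 (Airship AI Acropolis default admin account).

Added example; not code from the original page or the vendor.
AFFECTED_RANGES comes from this page's affected-products table. The login
probe, its endpoint and the credential values are operator-supplied
assumptions, not facts from the page.
"""
from __future__ import annotations

import re
from typing import Callable, Optional

# (lower bound inclusive or None, upper bound exclusive), as listed on this page.
AFFECTED_RANGES: list = [
    (None, "10.2.35"),
    ("11.0.0", "11.0.21"),
    ("11.1.0", "11.1.9"),
]


def parse_version(text: str) -> tuple:
    """Turn '11.0.21', 'v11.0' or '10.2' into a (major, minor, patch) tuple.

    Missing components are padded with 0 so that '11.0' compares as 11.0.0
    (inside the second range) instead of sorting below it. Anything that is not
    one to three dotted integers is rejected rather than silently mis-ranked.
    """
    m = re.fullmatch(r"\s*v?(\d+)(?:\.(\d+))?(?:\.(\d+))?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(p or 0) for p in m.groups())
    return (major, minor, patch)


def is_affected_version(version: str) -> bool:
    """True if `version` falls inside any affected range from the table."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if (lo is None or parse_version(lo) <= v) and v < parse_version(hi):
            return True
    return False


LoginProbe = Callable[[str, str], bool]


def triage(version: str, probe: LoginProbe, default_user: str, default_password: str) -> dict:
    """Combine the version check with a live default-credential probe.

    `probe(user, password)` must return True only when the instance accepted the
    login. In production it would be one authorized POST to the Acropolis login
    endpoint (path and field names are not documented on this page, so they are
    not hard-coded here); the demonstration injects a stub instead.
    The probe result outranks the version check: a fixed version that still
    accepts the shipped password is exposed, and a vulnerable version whose
    password was rotated only needs the upgrade.
    """
    vulnerable_version = is_affected_version(version)
    default_accepted = bool(probe(default_user, default_password))
    if default_accepted:
        verdict = "EXPOSED: default administrative credentials accepted"
    elif vulnerable_version:
        verdict = "UPGRADE: affected version, but default credentials rejected"
    else:
        verdict = "OK: fixed version and default credentials rejected"
    return {
        "version": version,
        "vulnerable_version": vulnerable_version,
        "default_credentials_accepted": default_accepted,
        "verdict": verdict,
    }


if __name__ == "__main__":
    # Constructed stand-in for an instance that still has its shipped password.
    # 'admin' / 'changeme' are placeholders, not the product's real defaults.
    def unpatched_instance(user: str, password: str) -> bool:
        return (user, password) == ("admin", "changeme")

    print(triage("11.0.20", unpatched_instance, "admin", "changeme"))
```

Replace the stub with a function that performs the real login request against hosts you own, and run the script from a management host only; a verdict of EXPOSED on an already-upgraded instance is the case the probe exists to catch.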
What immediate steps should I take to mitigate this vulnerability?
Change the default administrative account's password to a strong, unique one on every installation, new or existing, and then upgrade Airship AI Acropolis to 10.2.35, 11.0.21 or 11.1.9 (or later in the same line). After upgrading, repeat the login check with the default credentials to confirm they no longer work, rather than assuming the upgrade rotated them. Restrict network access to the administrative interface to management hosts wherever possible, and alert on authentication events for the default administrative account: successful logins from outside the management network and repeated failures from one source.