CVE-2019-25241
Unknown Unknown - Not Provided
Hard-Coded SSH Credentials in FaceSentry 6.4.8 Enable Root Access

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: VulnCheck

Description
FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25241
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
facesentry access_control_system 6.4.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2019-25241 is a critical vulnerability in FaceSentry Access Control System version 6.4.8 and earlier. It involves hard-coded, weak SSH credentials (username: wwwuser, password: 123456) accessible on port 23445, allowing unauthorized SSH access. Additionally, the sudoers configuration is insecure, permitting the wwwuser account to execute sudo commands without authentication, enabling attackers to escalate privileges and gain full root access to the device remotely. [1, 2]

Impact Analysis

This vulnerability allows attackers to remotely access the FaceSentry device via SSH using hard-coded weak credentials and escalate their privileges to root without authentication. This means an attacker can gain full control over the device, potentially manipulating access control functions, compromising security, and disrupting operations in environments relying on this system. [1, 2]

Detection Guidance

You can detect this vulnerability by scanning for devices running FaceSentry Access Control System exposing SSH on port 23445. Then, attempt to SSH using the hard-coded credentials (username: wwwuser, password: 123456). For example, use the command: ssh wwwuser@<target-ip> -p 23445. If you can log in, check sudo privileges by running: sudo -l. If sudo commands can be run without a password, the system is vulnerable. [1, 2]

Mitigation Strategies

Immediate mitigation steps include disabling or restricting SSH access on port 23445, changing or removing the hard-coded wwwuser credentials, and correcting the sudoers configuration to require authentication for sudo commands. If possible, update the device firmware to a version that addresses this vulnerability or isolate the device from untrusted networks until a fix is applied. [1, 2]

Compliance Impact

The provided resources do not explicitly discuss how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA. However, given that the vulnerability allows unauthorized root access and full control over the FaceSentry Access Control System, it could potentially lead to unauthorized access to sensitive personal or organizational data, thereby impacting compliance with data protection regulations. Without explicit information, a definitive assessment cannot be made. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25241. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart