CVE-2025-54756
Awaiting Analysis Awaiting Analysis - Queue

Default Password Vulnerability in BrightSign OS Allows Unauthorized Access

Vulnerability report for CVE-2025-54756, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-12

Last updated on: 2026-02-13

Assigner: ICS-CERT

Description

BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are encouraged to change all default passwords.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-12
Last Modified
2026-02-13
Generated
2026-07-06
AI Q&A
2026-02-12
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
brightsign brightsign_os to 8.5.53.1 (exc)
brightsign brightsign_os to 9.0.166 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1392 The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects BrightSign players running BrightSign OS series 4 prior to version 8.5.53.1 and series 5 prior to version 9.0.166. These devices use a default password that can be guessed if someone has knowledge of the device information.

The issue arises because the default password is not sufficiently secure and can be easily guessed, potentially allowing unauthorized access to the device.

The latest software releases fix this issue for new installations, and users with older installations are encouraged to change all default passwords to mitigate the risk.

Impact Analysis

If exploited, this vulnerability can allow an attacker to gain unauthorized access to BrightSign players by guessing the default password.

Such unauthorized access could lead to a compromise of confidentiality, integrity, and availability of the device and its data, as indicated by the high CVSS scores (8.4 and 8.6).

  • Confidentiality impact: High
  • Integrity impact: High
  • Availability impact: High

This means attackers could potentially view sensitive information, alter device settings or content, or disrupt the device's operation.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 using a default password that is guessable with knowledge of the device information.

To detect this vulnerability on your network or system, you should identify devices running the affected BrightSign OS versions and check if they are still using default passwords.

  • Scan your network for BrightSign devices using network discovery tools or commands like `nmap` to identify devices by their IP and open ports.
  • Use commands or scripts to attempt authentication with default credentials on identified devices to verify if the default password is still in use.
  • Check device firmware versions by accessing device management interfaces or querying device information to confirm if they are running vulnerable OS versions.
Mitigation Strategies

Immediate mitigation steps include changing all default passwords on affected BrightSign players to strong, unique passwords.

Additionally, update the BrightSign OS to the latest version available, specifically to at least v8.5.53.1 for series 4 or v9.0.166 for series 5, as these versions fix the issue for new installations.

Users of existing installations are strongly encouraged to perform these updates and password changes to prevent unauthorized access.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-54756. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart