CVE-2025-54756
Status: Awaiting Analysis (queue)
Default Password Vulnerability in BrightSign OS Allows Unauthorized Access

Publication date: 2026-02-12

Last updated on: 2026-02-13

Assigner: ICS-CERT

Description
BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 use a default password that is guessable with knowledge of the device information. The latest release fixes this issue for new installations; users of old installations are encouraged to change all default passwords.
Meta Information
Published: 2026-02-12
Last Modified: 2026-02-13
Generated: 2026-06-16
AI Q&A: 2026-02-12
EPSS Evaluated: 2026-06-15
Cross-references: NVD, EUVD
Affected Vendors & Products
2 associated CPEs
Vendor      Product        Version / Range
brightsign  brightsign_os  up to (excluding) 8.5.53.1
brightsign  brightsign_os  up to (excluding) 9.0.166
CWE
CWE-1392: The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.
AI Quick Actions
Executive Summary

This vulnerability affects BrightSign players running BrightSign OS series 4 prior to version 8.5.53.1 and series 5 prior to version 9.0.166. These devices use a default password that can be guessed if someone has knowledge of the device information.

The issue arises because the default password is derived from device information rather than being unique and random, so anyone who knows those device details can guess it and gain unauthorized access to the device.

The latest software releases fix this issue for new installations, and users with older installations are encouraged to change all default passwords to mitigate the risk.

Impact Analysis

If exploited, this vulnerability can allow an attacker to gain unauthorized access to BrightSign players by guessing the default password.

Such unauthorized access could lead to a compromise of confidentiality, integrity, and availability of the device and its data, as indicated by the high CVSS scores (8.4 and 8.6).

  • Confidentiality impact: High
  • Integrity impact: High
  • Availability impact: High

This means attackers could potentially view sensitive information, alter device settings or content, or disrupt the device's operation.

Compliance Impact

I don't know

Detection Guidance

Affected devices are BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 whose default password, guessable from device information, has never been changed.

To detect this vulnerability on your network, identify devices running the affected BrightSign OS versions and check whether they still use the default password.

  • Scan your network for BrightSign devices using network discovery tools or commands like `nmap` to identify devices by their IP and open ports.
  • Use commands or scripts to attempt authentication with default credentials on identified devices to verify if the default password is still in use.
  • Check device firmware versions by accessing device management interfaces or querying device information to confirm if they are running vulnerable OS versions.
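
The firmware-version step above has a pitfall: the two fixed versions are not one threshold, because a series 4 build such as 8.5.53.1 sorts below 9.0.166 yet is fixed. The following is an added example (not code from this record or from BrightSign) that encodes the two CPE ranges on this page as separate intervals and triages a constructed CSV inventory; the assumption that series 4 corresponds to the 8.x line and series 5 to the 9.x line is read from the description's version numbers, and the hostnames, addresses and `bos_version` column are made up for the demonstration.

```python
"""Triage a device inventory against the CVE-2025-54756 affected ranges."""
from __future__ import annotations

import csv
import io
import re

# Affected ranges taken from the two CPE entries on this record:
#   brightsign_os up to (excluding) 8.5.53.1   (series 4, 8.x line - assumed)
#   brightsign_os up to (excluding) 9.0.166    (series 5, 9.x line - assumed)
# A fixed 8.x build (8.5.53.1 or later) is therefore NOT affected even though
# it sorts below 9.0.166, so the check must use two intervals, not one.
SERIES4_FIXED = (8, 5, 53, 1)
SERIES5_START = (9,)
SERIES5_FIXED = (9, 0, 166)


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '8.5.53.1' or 'v9.0.166' into a comparable tuple of ints."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip())
    if m is None:
        raise ValueError(f"unrecognised BrightSign OS version: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(version: str) -> bool:
    """True when the version falls inside either affected range."""
    v = parse_version(version)
    in_series4_range = v < SERIES4_FIXED
    in_series5_range = SERIES5_START <= v < SERIES5_FIXED
    return in_series4_range or in_series5_range


def naive_is_affected(version: str) -> bool:
    """Single-threshold check kept for contrast: it misflags fixed 8.x builds."""
    return parse_version(version) < SERIES5_FIXED


def triage(inventory_csv: str) -> list[str]:
    """Return hostnames still on an affected build, plus rows that could not be parsed."""
    flagged: list[str] = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        try:
            if is_affected(row["bos_version"]):
                flagged.append(row["hostname"])
        except ValueError:
            # Surface unparseable versions rather than silently treating them as safe.
            flagged.append(f"{row['hostname']} (unparseable version {row['bos_version']!r})")
    return flagged


# Constructed sample inventory (hypothetical hosts, RFC 5737 documentation addresses).
SAMPLE_INVENTORY = """hostname,ip,bos_version
lobby-player-01,192.0.2.10,8.5.50
lobby-player-02,192.0.2.11,v8.5.53.1
menu-board-01,192.0.2.20,9.0.120
menu-board-02,192.0.2.21,9.0.166
kiosk-01,192.0.2.30,unknown
"""

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print("needs attention:", host)
```

Feed the script an export from whatever asset inventory already records BrightSign firmware versions; hosts it flags are the ones to prioritise for the upgrade and the default-password change described under Mitigation Strategies.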

Mitigation Strategies

Immediate mitigation steps include changing all default passwords on affected BrightSign players to strong, unique passwords.

Additionally, update the BrightSign OS to the latest version available, specifically to at least v8.5.53.1 for series 4 or v9.0.166 for series 5, as these versions fix the issue for new installations.

Users of existing installations are strongly encouraged to perform these updates and password changes to prevent unauthorized access.
