CVE-2025-3426— Use of default hardcoded credentials
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-3426
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of default hardcoded credentials
Source: NVD (National Vulnerability Database)
Vulnerability Description
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent reverse engineering. Specifically, the app’s code is not obfuscated, and no measures are in place to protect against decompilation, disassembly, or debugging. As a result, attackers can reverse-engineer the application to gain insights into its internal workings, which can potentially lead to the discovery of sensitive information, business logic flaws, and other vulnerabilities. Utilizing this flaw, the attacker was able to identify the Hardcoded credentials from PortalUsersDatabase.dll, which contains .NET remoting definition. Inside the namespace PortalUsersDatabase, the class Users contains the functions CreateAdmin and CreateService that are used to initialize accounts in the Portal service. Both CreateAdmin and CreateService functions contain a hardcoded encrypted password along with its respective salt that are set with the function SetInitialPasswordAndSalt. This issue affects IntelliSpace Portal: 12 and prior; Advanced Visualization Workspace: 15.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
Philips IntelliSpace Portal 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Philips IntelliSpace Portal是荷兰飞利浦(Philips)公司的一款高级医学影像分析平台,提供多模态图像处理和自动化诊断工具。 Philips IntelliSpace Portal 12及之前版本和Advanced Visualization Workspace 15版本存在安全漏洞,该漏洞源于缺乏逆向工程保护机制和硬编码凭证。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Philips | IntelliSpace Portal | 12 and prior | - | |
| Philips | Advanced Visualization Workspace | 15 | - |
II. Public POCs for CVE-2025-3426
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-3426
请登录查看更多情报信息。
Same Patch Batch · Philips · 2025-04-07 · 3 CVEs total
| CVE-2025-3424 | 3.2.1 Arbitrary File Read in insecure .NET Remoting TCP Channel | |
| CVE-2025-3425 | Unauthenticated Remote Code Execution via .NET Deserialization |
IV. Related Vulnerabilities
Same vendor: Philips
- CVE-2026-3562
Philips Hue Bridge hk_hap Ed25519 Signature Verification Aut - CVE-2026-3561
Philips Hue Bridge hk_hap characteristics Heap-based Buffer - CVE-2026-3560
Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-base - CVE-2026-3559
Philips Hue Bridge HomeKit Accessory Protocol Static Nonce A - CVE-2026-3558
Philips Hue Bridge HomeKit Accessory Protocol Transient Pair
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2025-3426
No comments yet