CVE-2025-34034

Name: CVE-2025-34034
Creator: NVD / NIST
Published: 2025-06-24T01:15:24.63+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.3/10EPSS 0.56%

Last modified Jun 17, 2026

CVE-2025-34034 is a critical-severity vulnerability rated 9.3/10 on the CVSS scale. A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. EPSS estimates a 0.56% chance of exploitation in the next 30 days.

Description

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are not disclosed in public documentation. These accounts allow unauthenticated or low-privilege attackers to gain administrative access to the device’s web interface. Exploitation evidence was observed by the Shadowserver Foundation on 2025-01-26 UTC.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0

9.3/10

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability

0.56%

42.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-798

Affected Software

Vendor	Product	Versions
5vtechnologies	Blue Angel Software Suite	All versions

References

https://vulncheck.com/advisories/5vtechnologies-blue-angel-hardcoded-credentialsThird Party Advisory
https://www.exploit-db.com/exploits/46792Exploit, Third Party Advisory
https://www.exploit-db.com/exploits/46792Exploit, Third Party Advisory

Timeline

Published: Jun 24, 2025
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2025-34034?

How severe is CVE-2025-34034?

CVE-2025-34034 has a CVSS score of 9.3/10 (CRITICAL severity). The EPSS model estimates a 0.56% probability of exploitation in the next 30 days.

How do I fix CVE-2025-34034?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-34034?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST