PT-2025-25417 · Openc3 · Openc3 Cosmos
Published
2025-06-13
·
Updated
2025-06-14
·
CVE-2025-28389
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenC3 COSMOS version 6.0.0
Description
The issue is related to weak password requirements, allowing attackers to bypass authentication using a brute force attack.
Recommendations
For OpenC3 COSMOS version 6.0.0, consider implementing stronger password requirements to prevent brute force attacks. As a temporary workaround, restrict access to sensitive areas of the system to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openc3 Cosmos