PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-14751 Weintek CVE debrief

CISA’s CSAF advisory for CVE-2025-14751 describes an authentication bypass in the EasyWeb Service of Weintek cMT X Series HMIs. A low-privileged user can bypass account credentials without the service confirming the user’s current authentication state, which may lead to unauthorized privilege escalation. The advisory lists affected models including cMT3072XH, cMT3072XH(T), cMT-SVRX-820, and cMT-CTRL01, and provides vendor-fixed versions for remediation. The supplied CVSS v3.1 vector indicates a network-reachable attack vector and a high severity rating (8.3).

Vendor: Weintek
Product: cMT3072XH
CVSS: HIGH 8.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-01-22
Original CVE updated: 2026-01-22
Advisory published: 2026-01-22
Advisory updated: 2026-01-22

Who should care

Industrial control system operators, OT administrators, plant engineers, and security teams managing Weintek cMT X Series HMIs or related EasyWeb deployments should prioritize this issue, especially where management interfaces are reachable from broader networks or shared administrative segments.

Technical summary

The vulnerability is an authentication-state bypass in the EasyWeb Service on affected Weintek devices. According to the advisory, a low-privileged user can bypass account credentials without confirming the current authentication state, enabling unauthorized privilege escalation. The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L, indicating network accessibility, low attack complexity, and meaningful confidentiality and integrity impact. Affected products in the advisory are cMT3072XH, cMT3072XH(T), cMT-SVRX-820, and cMT-CTRL01.

Defensive priority

High. This is a network-reachable authentication flaw in an OT/HMI service with potential privilege escalation, so affected environments should patch quickly and limit exposure until remediation is complete.

Recommended defensive actions

  • Upgrade affected devices to the vendor-fixed versions listed in the advisory: cMT3072XH and cMT3072XH(T) to 20241112, cMT-SVRX-820 to 20240919, and cMT-CTRL01 to 20250827.
  • Restrict EasyWeb Service access to trusted management networks only; avoid direct exposure to untrusted or internet-reachable networks.
  • Review privileged accounts, role assignments, and recent access logs for unexpected changes or suspicious authentication activity.
  • Apply compensating controls if patching is delayed, such as network segmentation, firewall restrictions, and tighter administrative access paths.
  • Confirm the affected device inventory includes all Weintek cMT X Series systems that may share the same service or management workflow.

Evidence notes

This debrief is based on CISA’s CSAF advisory ICSA-26-022-05 (published 2026-01-22T07:00:00Z), which names the affected Weintek products and the vendor-fixed versions. The advisory text states that a low-privileged user can bypass account credentials without confirming the user’s current authentication state, leading to unauthorized privilege escalation. The supplied advisory metadata also includes the CVSS v3.1 vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L. No KEV listing was provided in the source corpus.

Official resources

Publicly disclosed in CISA CSAF advisory ICSA-26-022-05 on 2026-01-22T07:00:00Z. The supplied CVE and source metadata show the same published and modified timestamp, and the revision history indicates initial publication.