CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2025-10542

CVSS 9.8v3.1pub. 2025-09-25upd. 2026-04-15

iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and data. This enables reading highly sensitive telemetry (including keylogger output) and issuing arbitrary actions to all connected clients.

🤖 AI Analysis
How it works

iMonitor EAM 9.6394 software contains built-in default administrative credentials that are simultaneously displayed to the user in the connection dialog window of the management client. An attacker, without any prior knowledge, can read these credentials directly from the application interface and then authenticate remotely to the EAM server over the network. After gaining access, the attacker obtains administrative privileges without requiring user interaction or meeting additional conditions.

Impact

An attacker gains full control over the EAM server and all connected agents, enabling the reading of highly sensitive telemetry data (including keylogger data) and issuing arbitrary commands to all connected clients.

Mitigation & patch

Default administrative credentials must be immediately changed to a strong, unique password. Patches available from the vendor should be applied according to references. Additionally, it is recommended to restrict network access to the EAM server to trusted IP addresses only and to regularly review authentication logs.

Who is affected

iMonitor EAM version 9.6394 — affects installations where default administrative credentials have not been changed after deployment

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References