CVE-2025-14751 Unverified Password Change in Weintek cMT X Series HMI EasyWeb Service

A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation...

Weintek cMT X Series HMI EasyWeb Service

RISK EVALUATION Successful exploitation of these vulnerabilities could allow a low-level user to alter privileges and gain full control to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...