CVE-2025-7740 HIGH

CVE-2025-7740: Use of default credentials vulnerability in Hitachi Energy SuprOS product

Vendor Hitachi Energy
Product SuprOS
Weakness CWE-1392
Published January 28, 2026
Last update January 28, 2026

CVSS base score

8.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

Default credentials vulnerability exists in SuprOS product. If exploited, this could allow an authenticated local attacker to use an admin account created during product deployment.

Key dates

02Disclosure timeline

January 28, 2026 CVE published
January 28, 2026 Record updated