CVE 9.3 CRITICAL

Ksenia Security Lares 4.0 Home Automation 1.6 Default Credentials Vulnerability_CVE-2025-15111

December 30, 2025 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.

AI Analysis

Default credentials vulnerability allowing unauthorized administrative access

Basic Information

ID CVE-2025-15111

Source VulnCheck

Published Dec 30, 2025 at 22:41

Affected Product

Vendor Ksenia Security S.p.A.

Product Ksenia Security Lares 4.0 Home Automation

Version 1.6

Affected Versions Ksenia Security S.p.A. Ksenia Security Lares 4.0 Home Automation 1.6
Ksenia Security S.p.A. Ksenia Security Lares 4.0 Home Automation 1.0.0.15

CWE Classification

CWE-798

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Ksenia Security S.p.A.

Product Ksenia Security Lares 4.0 Home Automation

Version 1.6

References

{
    "lastseen": "",
    "description": "Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.",
    "published": "2025-12-30T22:41:45.831Z",
    "modified": "2025-12-30T22:41:45.831Z",
    "type": "cve",
    "title": "Ksenia Security Lares 4.0 Home Automation 1.6 Default Credentials Vulnerability",
    "source": "VulnCheck",
    "references": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.php\nhttps://packetstorm.news/files/id/190180/\nhttps://www.kseniasecurity.com/\nhttps://www.vulncheck.com/advisories/ksenia-security-lares-home-automation-default-credentials-vulnerability",
    "id": "CVE-2025-15111",
    "bulletinFamily": "",
    "cwe": [
        "CWE-798"
    ],
    "cvelist": null,
    "sourceData": "Ksenia Security S.p.A. Ksenia Security Lares 4.0 Home Automation 1.6\nKsenia Security S.p.A. Ksenia Security Lares 4.0 Home Automation 1.0.0.15",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Ksenia Security Lares 4.0 Home Automation",
    "version": "1.6",
    "vendor": "Ksenia Security S.p.A.",
    "ai_description": "Default credentials vulnerability allowing unauthorized administrative access",
    "ai_severity": "Critical",
    "ai_vendor": "Ksenia Security S.p.A.",
    "ai_product": "Ksenia Security Lares 4.0 Home Automation",
    "ai_version": "1.6",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply