Consilium Safety CS5000 Fire Panel (Update A)

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to gain high-level access to and remotely operate the device, potentially putting it into a non-functional state.

CVEs (2)

Remediations

• Consilium Safety has released software version R1.17.1 for the CS5000 Fire Panel. Users should contact their local Consilium office for assistance with applying the update.
• Due to the nature of Consilium systems and their deployment in controlled OT environments, software updates are not published for public download. Asset owners should obtain version R1.17.1 through their normal Consilium representative or local support office to ensure the correct package and installation instructions are provided.
• Security configuration and hardening recommendations reflecting the changes in R1.17.1 will be provided directly to asset owners as part of the product documentation. These documents are not available as public download links.
• Asset owners who want enhanced security features are advised to upgrade to Consilium Safety's newer line of fire panels. Specifically, products manufactured after July 1, 2024, incorporate more secure-by-design principles.
• Owners of the CS5000 Fire Panel are recommended to implement compensating countermeasures, such as physical security and access control restrictions for dedicated personnel.
• More product safety information can be found on Consilium Safety's support webpage.

Affected Vendors

Affected Products (1)

Affected Sectors

Commercial Facilities, Energy, Government Services and Facilities, Healthcare and Public Health, Transportation Systems