Unrated severityNVD Advisory· Published Dec 4, 2025· Updated Dec 5, 2025

CVE-2025-53963

Description

An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with network connectivity can achieve root code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Affected products

Thermo Fisher/Ion Torrent OneTouch 2description
Thermofisher/Ion Torrent OneTouch 2llm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

assets.thermofisher.com/TFS-Assets/LSG/manuals/MAN0014388_IonOneTouch2Sys_UG.pdfmitre
documents.thermofisher.com/TFS-Assets/CORP/Product-Guides/Ion_OneTouch_2_and_Torrent_Suite_Software.pdfmitre
tools.thermofisher.cn/content/sfs/brochures/One_Touch_2_Spec_Sheet.pdfmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000