VYPR

iMonitor EAM

by iMonitorSoft

CVEs (2)

  • CVE-2025-10542CriSep 25, 2025
    risk 0.64cvss 9.8epss 0.01

    iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over…

  • CVE-2025-10541HigSep 25, 2025
    risk 0.51cvss 7.8epss 0.00

    iMonitor EAM 9.6394 installs a system service (eamusbsrv64.exe) that runs with NT AUTHORITY\SYSTEM privileges. This service includes an insecure update mechanism that automatically loads files placed in the C:\sysupdate\ directory during startup. Because any local user can…