cve-2025-7741

CVE-2025-7741 is a hard-coded password vulnerability in Yokogawa CENTUM VP, an industrial control system used in operational technology (OT) environments. The flaw allows an attacker with access to the HIS screen controls to log in as the PROG user under CENTUM Authentication Mode. While CISA notes that exploitation is not remote and requires high attack complexity, the vulnerability is significant because CENTUM VP runs critical infrastructure such as plants, utilities, and manufacturing lines. Discussions on WindowsForum.com emphasize that authentication shortcuts in OT systems pose long-term security risks, even if immediate exploitation is difficult. This tag covers the vulnerability details, affected branches, and the broader implications for OT security.