QwikSec

Security Database

CVE

CWE

Training

CVE-2025-53963

Published: Dec 4, 2025

Modified: Dec 5, 2025

PUBLISHED

Description

An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with network connectivity can achieve root code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://tools.thermofisher.cn/content/sfs/brochures/One_Touch_2_Spec_Sheet.pdf

https://assets.thermofisher.com/TFS-Assets/LSG/manuals/MAN0014388_IonOneTouch2Sys_UG.pdf

https://documents.thermofisher.com/TFS-Assets/CORP/Product-Guides/Ion_OneTouch_2_and_Torrent_Suite_Software.pdf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.