Cisco Emergency Responder is an emergency response framework from Cisco (USA). A trust management issue vulnerability exists in Cisco Emergency Responder version 12.5(1)SU4, which arises from the presence of static user credentials for the root account, which are typically used during development, and can be exploited by an attacker to log in to an affected system and execute arbitrary commands as the root user.