CWE-256
Plaintext Storage of a Password
The product stores a password in plaintext within resources such as memory or files.
CVE-2025-15113 (GCVE-0-2025-15113)
Vulnerability from cvelistv5 – Published: 2025-12-30 22:41 – Updated: 2026-03-11 19:30 Unsupported When Assigned
VLAI
Title
Ksenia Security lares Home Automation 1.6 Remote Code Execution via MPFS Upload
Summary
Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server.
Severity
9.3 (Critical)
8.4 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext storage of a password
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.zeroscience.mk/en/vulnerabilities/ZSL… | third-party-advisory |
| https://www.kseniasecurity.com/ | product |
| https://packetstorm.news/files/id/190178/ | exploit |
| https://www.vulncheck.com/advisories/ksenia-secur… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ksenia Security S.p.A. | lares |
Affected:
1.6
Affected: 1.0.0.15 |
Date Public
2025-03-31 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15113",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T14:23:42.640039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:38:35.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5930.php"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "lares",
"vendor": "Ksenia Security S.p.A.",
"versions": [
{
"status": "affected",
"version": "1.6"
},
{
"status": "affected",
"version": "1.0.0.15"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mencha Isajlovska of Zero Science Lab"
}
],
"datePublic": "2025-03-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan\u003eKsenia Security lares (legacy model)\u003c/span\u003e Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system\u0027s web server.\u003c/p\u003e"
}
],
"value": "Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system\u0027s web server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext storage of a password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T19:30:48.494Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "Zero Science Lab Disclosure (ZSL-2025-5930)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5930.php"
},
{
"name": "Ksenia Security Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.kseniasecurity.com/"
},
{
"name": "Packet Storm Security Exploit",
"tags": [
"exploit"
],
"url": "https://packetstorm.news/files/id/190178/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/ksenia-security-lares-home-automation-remote-code-execution-via-mpfs-upload"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Ksenia Security lares Home Automation 1.6 Remote Code Execution via MPFS Upload",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-15113",
"datePublished": "2025-12-30T22:41:46.694Z",
"dateReserved": "2025-12-27T01:46:43.993Z",
"dateUpdated": "2026-03-11T19:30:48.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15128 (GCVE-0-2025-15128)
Vulnerability from cvelistv5 – Published: 2025-12-28 08:32 – Updated: 2026-06-11 07:14
VLAI
Title
ZKTeco BioTime Endpoint safe_setting credentials storage
Summary
A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safe_setting/ of the component Endpoint. Performing a manipulation of the argument backup_encryption_password_decrypt/export_encryption_password_decrypt results in unprotected storage of credentials. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 9.0.6 is able to mitigate this issue. It is recommended to upgrade the affected component. The vendor confirms: "The mainstream version ZKBioTime V9.0.6 has fixed this vulnerability. Please update to the latest version as soon as possible. For the Middle East version BioTime 9.5.X, you can contact the local technical support to obtain the fix package."
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/338506 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/338506/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2025-15128 | third-party-advisory |
| https://vuldb.com/submit/711813 | third-party-advisory |
| https://github.com/ionutluca888/IDOR-POC-ZKBio-Ti… | exploit |
| https://www.zkteco.com/en/Security_Bulletinsibs/24 | broken-link |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15128",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-29T16:05:51.769959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-29T16:06:03.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:zkteco:biotime:*:*:*:*:*:*:*:*"
],
"modules": [
"Endpoint"
],
"product": "BioTime",
"vendor": "ZKTeco",
"versions": [
{
"status": "affected",
"version": "9.0.0"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.3"
},
{
"status": "affected",
"version": "9.0.4"
},
{
"status": "affected",
"version": "9.5.0"
},
{
"status": "affected",
"version": "9.5.1"
},
{
"status": "affected",
"version": "9.5.2"
},
{
"status": "unaffected",
"version": "9.0.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "luca_irinel (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safe_setting/ of the component Endpoint. Performing a manipulation of the argument backup_encryption_password_decrypt/export_encryption_password_decrypt results in unprotected storage of credentials. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 9.0.6 is able to mitigate this issue. It is recommended to upgrade the affected component. The vendor confirms: \"The mainstream version ZKBioTime V9.0.6 has fixed this vulnerability. Please update to the latest version as soon as possible. For the Middle East version BioTime 9.5.X, you can contact the local technical support to obtain the fix package.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "Unprotected Storage of Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-255",
"description": "Credentials Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T07:14:44.030Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-338506 | ZKTeco BioTime Endpoint safe_setting credentials storage",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/338506"
},
{
"name": "VDB-338506 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/338506/cti"
},
{
"name": "CVE-2025-15128 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2025-15128"
},
{
"name": "Submit #711813 | ZkBioTime CMS 9.0.3, 9.0.4, 9.5.2 IDOR",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/711813"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/ionutluca888/IDOR-POC-ZKBio-Time/tree/main"
},
{
"tags": [
"broken-link"
],
"url": "https://www.zkteco.com/en/Security_Bulletinsibs/24"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-27T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-27T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-11T09:19:24.000Z",
"value": "VulDB entry last update"
}
],
"title": "ZKTeco BioTime Endpoint safe_setting credentials storage"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15128",
"datePublished": "2025-12-28T08:32:10.069Z",
"dateReserved": "2025-12-27T09:08:42.325Z",
"dateUpdated": "2026-06-11T07:14:44.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15624 (GCVE-0-2025-15624)
Vulnerability from cvelistv5 – Published: 2026-04-17 08:38 – Updated: 2026-04-17 11:58
VLAI
Title
Plaintext Storage of a Password in Sparx Pro Cloud Server.
Summary
Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.
In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems Pty Ltd. | Sparx Pro Cloud Server |
Affected:
6.0.163
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-17T11:53:16.068396Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-17T11:58:38.118Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Sparx Pro Cloud Server",
"vendor": "Sparx Systems Pty Ltd.",
"versions": [
{
"status": "affected",
"version": "6.0.163"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Pasi Orovuo, Solita Oy"
},
{
"lang": "en",
"type": "finder",
"value": "Henri H\u00e4m\u00e4l\u00e4inen, Solita Oy"
},
{
"lang": "en",
"type": "finder",
"value": "Samu Ahvenainen, Solita Oy"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.\u0026nbsp;\nIn a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext."
}
],
"value": "Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.\u00a0\nIn a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-17T08:38:36.968Z",
"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"shortName": "NCSC-FI"
},
"references": [
{
"url": "https://sparxsystems.com/products/procloudserver/6.1/history.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Plaintext Storage of a Password in Sparx Pro Cloud Server.",
"x_generator": {
"engine": "Vulnogram 1.0.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"assignerShortName": "NCSC-FI",
"cveId": "CVE-2025-15624",
"datePublished": "2026-04-17T08:38:36.968Z",
"dateReserved": "2026-04-09T08:02:32.647Z",
"dateUpdated": "2026-04-17T11:58:38.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1709 (GCVE-0-2025-1709)
Vulnerability from cvelistv5 – Published: 2025-07-03 11:20 – Updated: 2025-07-03 13:17
VLAI
Title
CVE-2025-1709
Summary
Several credentials for the local PostgreSQL database are stored in plain text (partially base64 encoded).
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://www.endress.com | x_Endress+Hauser |
| https://sick.com/psirt | x_SICK PSIRT Security Advisories |
| https://www.cisa.gov/resources-tools/resources/ic… | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2025/… | x_The canonical URL. |
| https://www.sick.com/.well-known/csaf/white/2025/… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Endress+Hauser | Endress+Hauser MEAC300-FNADE4 |
Affected:
0 , ≤ <=0.16.0
(custom)
|
|
| Endress+Hauser | Endress+Hauser MEAC300-FNADE4 |
Unaffected:
>=0.17.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T12:59:53.849231Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T13:17:00.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Endress+Hauser MEAC300-FNADE4",
"vendor": "Endress+Hauser",
"versions": [
{
"lessThanOrEqual": "\u003c=0.16.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "Endress+Hauser MEAC300-FNADE4",
"vendor": "Endress+Hauser",
"versions": [
{
"status": "unaffected",
"version": "\u003e=0.17.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSeveral credentials for the local PostgreSQL database are stored in plain text (partially base64 encoded).\u003c/p\u003e"
}
],
"value": "Several credentials for the local PostgreSQL database are stored in plain text (partially base64 encoded)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256 Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T11:20:20.793Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_Endress+Hauser"
],
"url": "https://www.endress.com"
},
{
"tags": [
"x_SICK PSIRT Security Advisories"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"x_ICS-CERT recommended practices on Industrial Security"
],
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"tags": [
"x_CVSS v3.1 Calculator"
],
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"tags": [
"x_The canonical URL."
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.json"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0008.pdf"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCustomers are strongly advised to update to the newest version.\u003c/p\u003e"
}
],
"value": "Customers are strongly advised to update to the newest version."
}
],
"source": {
"advisory": "SCA-2025-0008",
"discovery": "INTERNAL"
},
"title": "CVE-2025-1709",
"x_generator": {
"engine": "csaf2cve 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2025-1709",
"datePublished": "2025-07-03T11:20:20.793Z",
"dateReserved": "2025-02-26T08:40:04.800Z",
"dateUpdated": "2025-07-03T13:17:00.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-21102 (GCVE-0-2025-21102)
Vulnerability from cvelistv5 – Published: 2025-01-08 11:25 – Updated: 2025-01-08 13:53
VLAI
Summary
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00026979… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | Dell VxRail HCI |
Affected:
7.0.000 , ≤ 7.0.532
(semver)
|
Date Public
2025-01-08 06:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21102",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T13:52:44.183520Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T13:53:04.170Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dell VxRail HCI",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "7.0.532",
"status": "affected",
"version": "7.0.000",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-01-08T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."
}
],
"value": "Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T11:25:48.282Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000269793/dsa-2025-027-security-update-for-dell-vxrail-for-multiple-vulnerabilities?ref=emcadvisory_000269793_High_null"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2025-21102",
"datePublished": "2025-01-08T11:25:48.282Z",
"dateReserved": "2024-11-22T06:42:03.816Z",
"dateUpdated": "2025-01-08T13:53:04.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-21111 (GCVE-0-2025-21111)
Vulnerability from cvelistv5 – Published: 2025-01-08 17:38 – Updated: 2025-01-08 18:22
VLAI
Summary
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00026995… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | Dell VxRail HCI |
Affected:
8.0.000 , ≤ 8.0.311
(semver)
|
Date Public
2025-01-08 06:30
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T18:22:07.834254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T18:22:13.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dell VxRail HCI",
"vendor": "Dell",
"versions": [
{
"lessThanOrEqual": "8.0.311",
"status": "affected",
"version": "8.0.000",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-01-08T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."
}
],
"value": "Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T17:38:45.985Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000269958/dsa-2025-025-security-update-for-dell-vxrail-for-multiple-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2025-21111",
"datePublished": "2025-01-08T17:38:45.985Z",
"dateReserved": "2024-11-23T06:04:00.841Z",
"dateUpdated": "2025-01-08T18:22:13.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2355 (GCVE-0-2025-2355)
Vulnerability from cvelistv5 – Published: 2025-03-17 00:31 – Updated: 2025-03-17 13:38
VLAI
Title
BlackVue App API Endpoint credentials storage
Summary
A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCS_TOKEN/SECRET_KEY leads to unprotected storage of credentials. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.299822 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.299822 | signaturepermissions-required |
| https://vuldb.com/?submit.513351 | third-party-advisory |
| https://github.com/geo-chen/BlackVue/blob/main/RE… | exploit |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2355",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-17T13:38:08.727009Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T13:38:26.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"API Endpoint Handler"
],
"product": "App",
"vendor": "BlackVue",
"versions": [
{
"status": "affected",
"version": "3.65"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "geochen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCS_TOKEN/SECRET_KEY leads to unprotected storage of credentials. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in BlackVue App 3.65 f\u00fcr Android gefunden. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Komponente API Endpoint Handler. Mittels Manipulieren des Arguments BCS_TOKEN/SECRET_KEY mit unbekannten Daten kann eine unprotected storage of credentials-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "Unprotected Storage of Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-255",
"description": "Credentials Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-17T00:31:04.118Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-299822 | BlackVue App API Endpoint credentials storage",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.299822"
},
{
"name": "VDB-299822 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.299822"
},
{
"name": "Submit #513351 | BlackVue Dashcam APK v3.65 Plaintext Password in Configuration File",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.513351"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/geo-chen/BlackVue/blob/main/README.md#finding-2-hardcoded-secrets-exposed-in-plaintext"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-15T22:02:48.000Z",
"value": "VulDB entry last update"
}
],
"title": "BlackVue App API Endpoint credentials storage"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2355",
"datePublished": "2025-03-17T00:31:04.118Z",
"dateReserved": "2025-03-15T20:57:41.942Z",
"dateUpdated": "2025-03-17T13:38:26.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24375 (GCVE-0-2025-24375)
Vulnerability from cvelistv5 – Published: 2025-04-09 22:21 – Updated: 2025-04-10 15:55
VLAI
Title
MySQL K8s charm could leak credentials for root-level user `serverconfig`
Summary
Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary script file containing the full URI, with user and password. The file can be read by a unprivileged user during the operator runtime, due it being created with read permissions (0x644). On other cases, when calling mysql cli, for one specific case when creating the operator users, the DDL contains said users credentials, which can be leak through the same mechanism of a temporary file. All versions prior to revision 221 for kubernetes and revision 338 for machine operators.
Severity
5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-256 - Plaintext Storage of a Password
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/canonical/mysql-k8s-operator/s… | x_refsource_CONFIRM |
| https://github.com/canonical/mysql-k8s-operator/p… | x_refsource_MISC |
| https://github.com/canonical/mysql-operator/pull/579 | x_refsource_MISC |
| https://github.com/canonical/mysql-k8s-operator/c… | x_refsource_MISC |
| https://github.com/canonical/mysql-operator/commi… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | mysql-k8s-operator |
Affected:
< rev221
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-10T15:54:52.264718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-10T15:55:01.617Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mysql-k8s-operator",
"vendor": "canonical",
"versions": [
{
"status": "affected",
"version": "\u003c rev221"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary script file containing the full URI, with user and password. The file can be read by a unprivileged user during the operator runtime, due it being created with read permissions (0x644). On other cases, when calling mysql cli, for one specific case when creating the operator users, the DDL contains said users credentials, which can be leak through the same mechanism of a temporary file. All versions prior to revision 221 for kubernetes and revision 338 for machine operators."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256: Plaintext Storage of a Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T22:21:37.858Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/canonical/mysql-k8s-operator/security/advisories/GHSA-g83v-7694-2hf7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/canonical/mysql-k8s-operator/security/advisories/GHSA-g83v-7694-2hf7"
},
{
"name": "https://github.com/canonical/mysql-k8s-operator/pull/553",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/canonical/mysql-k8s-operator/pull/553"
},
{
"name": "https://github.com/canonical/mysql-operator/pull/579",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/canonical/mysql-operator/pull/579"
},
{
"name": "https://github.com/canonical/mysql-k8s-operator/commit/7c6b1206fcbc7324b72f413c5e63216e742a71a1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/canonical/mysql-k8s-operator/commit/7c6b1206fcbc7324b72f413c5e63216e742a71a1"
},
{
"name": "https://github.com/canonical/mysql-operator/commit/1fb61c1ee3e396cdce13d5e8155f2f32a860f89e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/canonical/mysql-operator/commit/1fb61c1ee3e396cdce13d5e8155f2f32a860f89e"
}
],
"source": {
"advisory": "GHSA-g83v-7694-2hf7",
"discovery": "UNKNOWN"
},
"title": "MySQL K8s charm could leak credentials for root-level user `serverconfig`"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24375",
"datePublished": "2025-04-09T22:21:37.858Z",
"dateReserved": "2025-01-20T15:18:26.992Z",
"dateUpdated": "2025-04-10T15:55:01.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2500 (GCVE-0-2025-2500)
Vulnerability from cvelistv5 – Published: 2025-05-30 12:29 – Updated: 2025-05-30 13:22
VLAI
Summary
A vulnerability exists in the SOAP Web services of the Asset
Suite versions listed below. If successfully exploited, an attacker
could gain unauthorized access to the product and the time window of a possible password attack could be expanded.
Severity
7.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi Energy | Asset Suite |
Affected:
9.6.4.4
Affected: 9.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T13:22:10.779733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T13:22:19.268Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Asset Suite",
"vendor": "Hitachi Energy",
"versions": [
{
"status": "affected",
"version": "9.6.4.4"
},
{
"status": "affected",
"version": "9.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in the SOAP Web services of the Asset \nSuite versions listed below. If successfully exploited, an attacker \ncould gain unauthorized access to the product and the time window of a possible password attack could be expanded."
}
],
"value": "A vulnerability exists in the SOAP Web services of the Asset \nSuite versions listed below. If successfully exploited, an attacker \ncould gain unauthorized access to the product and the time window of a possible password attack could be expanded."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T12:29:21.370Z",
"orgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"shortName": "Hitachi Energy"
},
"references": [
{
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000212\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e383dce4-0c27-4495-91c4-0db157728d17",
"assignerShortName": "Hitachi Energy",
"cveId": "CVE-2025-2500",
"datePublished": "2025-05-30T12:29:21.370Z",
"dateReserved": "2025-03-18T14:54:10.957Z",
"dateUpdated": "2025-05-30T13:22:19.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25051 (GCVE-0-2025-25051)
Vulnerability from cvelistv5 – Published: 2026-01-22 22:21 – Updated: 2026-01-23 20:10
VLAI
Title
AutomationDirect CLICK Programmable Logic Controller Plaintext Storage of a Password
Summary
An attacker could decrypt sensitive data, impersonate legitimate users
or devices, and potentially gain access to network resources for lateral
attacks.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| AutomationDirect | CLICK Programmable Logic Controller |
Affected:
C0-0x
Affected: C0-1x Affected: C2-x Unaffected: V3.90 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-23T20:09:56.650718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-23T20:10:07.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CLICK Programmable Logic Controller",
"vendor": "AutomationDirect",
"versions": [
{
"status": "affected",
"version": "C0-0x"
},
{
"status": "affected",
"version": "C0-1x"
},
{
"status": "affected",
"version": "C2-x"
},
{
"status": "unaffected",
"version": "V3.90"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dylan Chambers Bourgeois of Triskele Labs reported these vulnerabilities to CISA"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker could decrypt sensitive data, impersonate legitimate users \nor devices, and potentially gain access to network resources for lateral\n attacks."
}
],
"value": "An attacker could decrypt sensitive data, impersonate legitimate users \nor devices, and potentially gain access to network resources for lateral\n attacks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "CWE-256",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T22:21:17.674Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-02"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-022-02.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AutomationDirect recommends that users update CLICK PLUS and firmware to V3.90.\n\n\u003cbr\u003e"
}
],
"value": "AutomationDirect recommends that users update CLICK PLUS and firmware to V3.90."
}
],
"source": {
"advisory": "ICSA-26-022-02",
"discovery": "EXTERNAL"
},
"title": "AutomationDirect CLICK Programmable Logic Controller Plaintext Storage of a Password",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eNetwork Isolation \u2013 Disconnect the \nCLICK PLUS PLC from external networks (e.g., the internet or corporate \nLAN) to reduce exposure.\u003c/li\u003e\u003cli\u003eSecure Communications \u2013 Use only trusted, dedicated internal networks or air-gapped systems for device communication.\u003c/li\u003e\u003cli\u003eAccess Control \u2013 Restrict both physical and logical access to authorized personnel only.\u003c/li\u003e\u003cli\u003eApplication Whitelisting \u2013 Configure \nwhitelisting so that only trusted, pre-approved applications are allowed\n to run. Block any unauthorized software.\u003c/li\u003e\u003cli\u003eEndpoint Protection \u2013 Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\u003c/li\u003e\u003cli\u003eLogging \u0026amp; Monitoring \u2013 Enable and regularly review system logs to detect suspicious or unauthorized activity.\u003c/li\u003e\u003cli\u003eBackup \u0026amp; Recovery \u2013 Maintain \nsecure, tested backups of the PLC and its configurations to minimize \ndowntime in case of an incident.\u003c/li\u003e\u003cli\u003eOngoing Risk Assessment \u2013 Continuously\n evaluate risks associated with running outdated firmware and adjust \ncompensating measures accordingly.\u003c/li\u003e\u003c/ul\u003e\n\n\n\n\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "If the update cannot be applied right away, the following \ncompensating controls are recommended until the upgrade can be \nperformed:\n\n\n * Network Isolation \u2013 Disconnect the \nCLICK PLUS PLC from external networks (e.g., the internet or corporate \nLAN) to reduce exposure.\n * Secure Communications \u2013 Use only trusted, dedicated internal networks or air-gapped systems for device communication.\n * Access Control \u2013 Restrict both physical and logical access to authorized personnel only.\n * Application Whitelisting \u2013 Configure \nwhitelisting so that only trusted, pre-approved applications are allowed\n to run. Block any unauthorized software.\n * Endpoint Protection \u2013 Use antivirus or EDR tools and configure host-based firewalls to block unauthorized access attempts.\n * Logging \u0026 Monitoring \u2013 Enable and regularly review system logs to detect suspicious or unauthorized activity.\n * Backup \u0026 Recovery \u2013 Maintain \nsecure, tested backups of the PLC and its configurations to minimize \ndowntime in case of an incident.\n * Ongoing Risk Assessment \u2013 Continuously\n evaluate risks associated with running outdated firmware and adjust \ncompensating measures accordingly."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-25051",
"datePublished": "2026-01-22T22:21:17.674Z",
"dateReserved": "2025-02-05T15:36:40.953Z",
"dateUpdated": "2026-01-23T20:10:07.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Avoid storing passwords in easily accessible locations.
Mitigation
Phase: Architecture and Design
Description:
- Consider storing cryptographic hashes of passwords as an alternative to storing in plaintext.
Mitigation
Phases:
Description:
- A programmer might attempt to remedy the password management problem by obscuring the password with an encoding function, such as base 64 encoding, but this effort does not adequately protect the password because the encoding can be detected and decoded easily.
No CAPEC attack patterns related to this CWE.