Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

CVE-2025-7738 (GCVE-0-2025-7738)

Vulnerability from cvelistv5 – Published: 2025-07-31 14:12 – Updated: 2025-12-23 22:16
VLAI
Title
Python3.11-django-ansible-base: sensitive authenticator secrets returned in clear text via api in aap
Summary
A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
Impacted products
Vendor Product Version
Ansible django-ansible-base Affected: 0 , < 2025.7.22 (custom)
Create a notification for this product.
Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 8 Unaffected: 0:2.5.20250730-1.el8ap , < * (rpm)
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
Create a notification for this product.
Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 9 Unaffected: 0:2.5.20250730-1.el9ap , < * (rpm)
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
Create a notification for this product.
Date Public
2025-07-17 00:00
Credits
Red Hat would like to thank Peter Braun (RedHat) for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7738",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-31T14:21:19.984926Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-31T14:21:26.556Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ansible/django-ansible-base",
          "defaultStatus": "unaffected",
          "packageName": "django-ansible-base",
          "product": "django-ansible-base",
          "vendor": "Ansible",
          "versions": [
            {
              "lessThan": "2025.7.22",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "python3.11-django-ansible-base",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.20250730-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "python3.11-django-ansible-base",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.20250730-1.el9ap",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Peter Braun (RedHat) for reporting this issue."
        }
      ],
      "datePublic": "2025-07-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-23T22:16:48.426Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:12772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12772"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-7738"
        },
        {
          "name": "RHBZ#2381589",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381589"
        },
        {
          "url": "https://github.com/ansible/django-ansible-base/commit/e241ea4dce8df577eda15301e0a8e61be647b27b"
        },
        {
          "url": "https://github.com/ansible/django-ansible-base/pull/773"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-17T05:02:07.783Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-17T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Python3.11-django-ansible-base: sensitive authenticator secrets returned in clear text via api in aap",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-312: Cleartext Storage of Sensitive Information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-7738",
    "datePublished": "2025-07-31T14:12:02.648Z",
    "dateReserved": "2025-07-17T05:09:57.113Z",
    "dateUpdated": "2025-12-23T22:16:48.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-7426 (GCVE-0-2025-7426)

Vulnerability from cvelistv5 – Published: 2025-08-25 08:52 – Updated: 2025-08-25 13:47
VLAI
Title
MINOVA TTA Information Disclosure and Credential Exposure
Summary
Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.  Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-312 - Cleartext Storage of Sensitive Information
  • CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
URL Tags
https://www.minova.de/de/tta.html product
https://www.cryptron.ch/en/blog-detail/security-a… technical-descriptionthird-party-advisory
Impacted products
Credits
Stefan Mettler, Senior Penetration Tester from CRYPTRON Security GmbH Jasmin Frei, Senior Project Manager from CRYPTRON Security GmbH
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7426",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-25T13:47:32.941835Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-25T13:47:36.182Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "ch.minova.nservice"
          ],
          "platforms": [
            "Windows"
          ],
          "product": "TTA",
          "vendor": "MINOVA Information Services GmbH",
          "versions": [
            {
              "status": "affected",
              "version": "11.17.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Stefan Mettler, Senior Penetration Tester from CRYPTRON Security GmbH"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "Jasmin Frei, Senior Project Manager from CRYPTRON Security GmbH"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.\u0026nbsp; Debug ports\u0026nbsp;1602,\u0026nbsp;1603 and\u0026nbsp;1636 also expose service architecture information and\u0026nbsp;system activity logs"
            }
          ],
          "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.\u00a0 Debug ports\u00a01602,\u00a01603 and\u00a01636 also expose service architecture information and\u00a0system activity logs"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-212",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-212 Functionality Misuse"
            }
          ]
        },
        {
          "capecId": "CAPEC-131",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-131 Resource Leak Exposure"
            }
          ]
        },
        {
          "capecId": "CAPEC-155",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-155 Screen Temporary Files for Sensitive Information"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-25T08:52:47.797Z",
        "orgId": "455daabc-a392-441d-aa46-37d35189897c",
        "shortName": "NCSC.ch"
      },
      "references": [
        {
          "tags": [
            "product"
          ],
          "url": "https://www.minova.de/de/tta.html"
        },
        {
          "tags": [
            "technical-description",
            "third-party-advisory"
          ],
          "url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSecurity patch for all MINOVA TTA releases in progress.\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Security patch for all MINOVA TTA releases in progress."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-08T22:00:00.000Z",
          "value": "First contact with the vendor - no response"
        },
        {
          "lang": "en",
          "time": "2025-05-25T22:00:00.000Z",
          "value": "Second mail to the vendor - no response"
        },
        {
          "lang": "en",
          "time": "2025-06-19T22:00:00.000Z",
          "value": "Third mail to the vendor and response received on the same day"
        },
        {
          "lang": "en",
          "time": "2025-06-22T22:00:00.000Z",
          "value": "Exchange of the security report to the vendor"
        },
        {
          "lang": "en",
          "time": "2025-07-07T22:00:00.000Z",
          "value": "Confirmation of the vulnerability by the vendor"
        },
        {
          "lang": "en",
          "time": "2025-08-25T09:59:00.000Z",
          "value": "Planned public disclosure (CVE publication)"
        }
      ],
      "title": "MINOVA TTA Information Disclosure and Credential Exposure",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDisable the output of debug information with sensitive content for the Minova TTA services on port/tcp 1602, 1603,\u0026nbsp;1604, 1636.\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Disable the output of debug information with sensitive content for the Minova TTA services on port/tcp 1602, 1603,\u00a01604, 1636."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c",
    "assignerShortName": "NCSC.ch",
    "cveId": "CVE-2025-7426",
    "datePublished": "2025-08-25T08:52:47.797Z",
    "dateReserved": "2025-07-10T09:22:44.017Z",
    "dateUpdated": "2025-08-25T13:47:36.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7397 (GCVE-0-2025-7397)

Vulnerability from cvelistv5 – Published: 2025-07-17 21:53 – Updated: 2025-07-18 14:10
VLAI
Title
CLI history displays inline passwords
Summary
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface (CLI) in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized access and potential data breaches.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
Impacted products
Vendor Product Version
Broadcom Brocade ASCG Affected: before 3.3.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7397",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-18T14:10:31.271782Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-18T14:10:37.202Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Brocade ASCG",
          "vendor": "Broadcom",
          "versions": [
            {
              "status": "affected",
              "version": "before 3.3.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in the ascgshell, of \nBrocade ASCG before 3.3.0 stores any command executed in the Command \nLine Interface (CLI) in plain text within the command history. A local \nauthenticated user that can access sensitive information like passwords \nwithin the CLI history leading to unauthorized access and potential data\n breaches."
            }
          ],
          "value": "A vulnerability in the ascgshell, of \nBrocade ASCG before 3.3.0 stores any command executed in the Command \nLine Interface (CLI) in plain text within the command history. A local \nauthenticated user that can access sensitive information like passwords \nwithin the CLI history leading to unauthorized access and potential data\n breaches."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:H/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312: Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-17T21:53:39.786Z",
        "orgId": "87b297d7-335e-4844-9551-11b97995a791",
        "shortName": "brocade"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35949"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "CLI history displays inline passwords",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791",
    "assignerShortName": "brocade",
    "cveId": "CVE-2025-7397",
    "datePublished": "2025-07-17T21:53:39.786Z",
    "dateReserved": "2025-07-09T17:11:15.086Z",
    "dateUpdated": "2025-07-18T14:10:37.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7215 (GCVE-0-2025-7215)

Vulnerability from cvelistv5 – Published: 2025-07-09 04:02 – Updated: 2025-07-09 14:17
VLAI
Title
FNKvision FNK-GU2 wpa_supplicant.conf cleartext storage
Summary
A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
  • CWE-310 - Cryptographic Issues
Assigner
References
Impacted products
Vendor Product Version
FNKvision FNK-GU2 Affected: 40.1.0
Affected: 40.1.1
Affected: 40.1.2
Affected: 40.1.3
Affected: 40.1.4
Affected: 40.1.5
Affected: 40.1.6
Affected: 40.1.7
Create a notification for this product.
Credits
0xHasta (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7215",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-09T14:17:23.684726Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-09T14:17:36.350Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FNK-GU2",
          "vendor": "FNKvision",
          "versions": [
            {
              "status": "affected",
              "version": "40.1.0"
            },
            {
              "status": "affected",
              "version": "40.1.1"
            },
            {
              "status": "affected",
              "version": "40.1.2"
            },
            {
              "status": "affected",
              "version": "40.1.3"
            },
            {
              "status": "affected",
              "version": "40.1.4"
            },
            {
              "status": "affected",
              "version": "40.1.5"
            },
            {
              "status": "affected",
              "version": "40.1.6"
            },
            {
              "status": "affected",
              "version": "40.1.7"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "0xHasta (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The manipulation leads to cleartext storage of sensitive information. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine problematische Schwachstelle wurde in FNKvision FNK-GU2 bis 40.1.7 entdeckt. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /rom/wpa_supplicant.conf. Durch die Manipulation mit unbekannten Daten kann eine cleartext storage of sensitive information-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 1.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 1.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 0.8,
            "vectorString": "AV:L/AC:H/Au:M/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-310",
              "description": "Cryptographic Issues",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-09T04:02:05.353Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-315164 | FNKvision FNK-GU2 wpa_supplicant.conf cleartext storage",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.315164"
        },
        {
          "name": "VDB-315164 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.315164"
        },
        {
          "name": "Submit #608030 | FNKvision FNK-GU2 Wireless IP Camera Firmware version 40.1.7 and prior Clear-text Storage of Sensitive Information (CWE-312)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.608030"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-07T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-07-07T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-07-07T15:24:29.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "FNKvision FNK-GU2 wpa_supplicant.conf cleartext storage"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-7215",
    "datePublished": "2025-07-09T04:02:05.353Z",
    "dateReserved": "2025-07-07T13:19:21.130Z",
    "dateUpdated": "2025-07-09T14:17:36.350Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6748 (GCVE-0-2025-6748)

Vulnerability from cvelistv5 – Published: 2025-06-27 01:31 – Updated: 2025-06-27 13:44
VLAI
Title
Bharti Airtel Thanks App files cleartext storage in a file or on disk
Summary
A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-313 - Cleartext Storage in a File or on Disk
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
Impacted products
Vendor Product Version
Bharti Airtel Thanks App Affected: 4.105.4
Create a notification for this product.
Credits
honest_corrupt (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6748",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-27T13:44:18.080221Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-27T13:44:33.773Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Thanks App",
          "vendor": "Bharti Airtel",
          "versions": [
            {
              "status": "affected",
              "version": "4.105.4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "honest_corrupt (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Es wurde eine problematische Schwachstelle in Bharti Airtel Thanks App 4.105.4 f\u00fcr Android entdeckt. Hiervon betroffen ist ein unbekannter Codeblock der Datei /Android/data/com.myairtelapp/files/. Durch das Manipulieren mit unbekannten Daten kann eine cleartext storage in a file or on disk-Schwachstelle ausgenutzt werden. Ein Angriff setzt physischen Zugriff auf dem Zielobjekt voraus. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.4,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.7,
            "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-313",
              "description": "Cleartext Storage in a File or on Disk",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-27T01:31:06.283Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-314046 | Bharti Airtel Thanks App files cleartext storage in a file or on disk",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.314046"
        },
        {
          "name": "VDB-314046 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.314046"
        },
        {
          "name": "Submit #598122 | Airtel (Bharti Airtel Limited) Airtel Thanks App 4.105.4 Insecure Local Storage (OWASP Mobile Top 10: M2, M5)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.598122"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://github.com/honestcorrupt/-CVE-Proof-of-Concept-Airtel-Android-App-Insecure-Local-Storage-of-Sensitive-Data"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/file/d/1atnjssBq4tHeofoIDbWRH32z9rvA9jez/view?usp=sharing"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-26T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-06-26T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-06-26T22:07:45.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Bharti Airtel Thanks App files cleartext storage in a file or on disk"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-6748",
    "datePublished": "2025-06-27T01:31:06.283Z",
    "dateReserved": "2025-06-26T20:02:31.752Z",
    "dateUpdated": "2025-06-27T13:44:33.773Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6224 (GCVE-0-2025-6224)

Vulnerability from cvelistv5 – Published: 2025-07-01 10:39 – Updated: 2025-07-01 14:30
VLAI
Title
Key leakage in juju/utils certificates
Summary
Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
Impacted products
Vendor Product Version
Canonical Juju utils Affected: 4.0.1 , ≤ 4.0.3 (semver)
Create a notification for this product.
Date Public
2025-07-01 00:00
Credits
Josh McSavaney
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6224",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-01T14:30:33.241503Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-01T14:30:51.639Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "juju utils",
          "platforms": [
            "Linux"
          ],
          "product": "Juju utils",
          "repo": "https://github.com/juju/utils",
          "vendor": "Canonical",
          "versions": [
            {
              "lessThanOrEqual": "4.0.3",
              "status": "affected",
              "version": "4.0.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Josh McSavaney"
        }
      ],
      "datePublic": "2025-07-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Certificate generation in juju/utils using the cert.NewLeaf function could include private information. If this certificate were then transferred over the network in plaintext, an attacker listening on that network could sniff the certificate and trivially extract the private key from it."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-131",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-131 Resource Leak Exposure"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-01T10:39:34.322Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "url": "https://github.com/juju/utils/security/advisories/GHSA-h34r-jxqm-qgpr"
        }
      ],
      "source": {
        "advisory": "https://github.com/juju/utils/security/advisories/GHSA-h34r-jxqm-qgpr",
        "discovery": "EXTERNAL"
      },
      "title": "Key leakage in juju/utils certificates"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2025-6224",
    "datePublished": "2025-07-01T10:39:34.322Z",
    "dateReserved": "2025-06-18T08:48:41.677Z",
    "dateUpdated": "2025-07-01T14:30:51.639Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5154 (GCVE-0-2025-5154)

Vulnerability from cvelistv5 – Published: 2025-05-25 18:31 – Updated: 2025-05-28 17:38
VLAI
Title
PhonePe App SQLite Database databases cleartext storage in a file or on disk
Summary
A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on Android. Affected is an unknown function of the file /data/data/com.phonepe.app/databases/ of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-313 - Cleartext Storage in a File or on Disk
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
Impacted products
Vendor Product Version
n/a PhonePe App Affected: 25.03.21.0
Credits
honest_corrupt (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5154",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T14:21:04.403091Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-28T17:38:08.525Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/honestcorrupt/-Insecure-Local-Storage-of-Sensitive-User-Data-in-PhonePe-Android-App-Unpatched-"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "SQLite Database"
          ],
          "product": "PhonePe App",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "25.03.21.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "honest_corrupt (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on Android. Affected is an unknown function of the file /data/data/com.phonepe.app/databases/ of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in PhonePe App 25.03.21.0 f\u00fcr Android gefunden. Sie wurde als problematisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /data/data/com.phonepe.app/databases/ der Komponente SQLite Database. Durch das Beeinflussen mit unbekannten Daten kann eine cleartext storage in a file or on disk-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.4,
            "vectorString": "AV:L/AC:L/Au:M/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-313",
              "description": "Cleartext Storage in a File or on Disk",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-25T18:31:04.840Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-310242 | PhonePe App SQLite Database databases cleartext storage in a file or on disk",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.310242"
        },
        {
          "name": "VDB-310242 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.310242"
        },
        {
          "name": "Submit #576245 | PhonePe Private Limited PhonePe Android App 25.03.21.0 Information Disclosure",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.576245"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/honestcorrupt/-Insecure-Local-Storage-of-Sensitive-User-Data-in-PhonePe-Android-App-Unpatched-"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://drive.google.com/drive/folders/1Xj9y2w3E98IZu8PUeGGI0nQPNsvVm87I?usp=sharing"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-24T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-05-25T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-05-25T00:26:06.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "PhonePe App SQLite Database databases cleartext storage in a file or on disk"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-5154",
    "datePublished": "2025-05-25T18:31:04.840Z",
    "dateReserved": "2025-05-24T22:19:52.467Z",
    "dateUpdated": "2025-05-28T17:38:08.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4737 (GCVE-0-2025-4737)

Vulnerability from cvelistv5 – Published: 2025-05-15 07:58 – Updated: 2025-05-15 16:04
VLAI
Summary
Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant) may lead to the risk of sensitive information leakage.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
Impacted products
Vendor Product Version
TECNO com.transsion.aivoiceassistant Affected: 4.1.1.014 , ≤ ≤4.3.0.x (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 6.2,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-4737",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-15T16:02:46.336231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-15T16:04:57.086Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "com.transsion.aivoiceassistant",
          "vendor": "TECNO",
          "versions": [
            {
              "lessThanOrEqual": "\u22644.3.0.x",
              "status": "affected",
              "version": "4.1.1.014",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant) may lead to the risk of sensitive information leakage.\u003cbr\u003e"
            }
          ],
          "value": "Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant) may lead to the risk of sensitive information leakage."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-15T08:53:43.206Z",
        "orgId": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
        "shortName": "TECNOMobile"
      },
      "references": [
        {
          "url": "https://security.tecno.com/SRC/blogdetail/422?lang=en_US"
        },
        {
          "url": "https://security.tecno.com/SRC/securityUpdates"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "907edf6c-bf03-423e-ab1a-8da27e1aa1ea",
    "assignerShortName": "TECNOMobile",
    "cveId": "CVE-2025-4737",
    "datePublished": "2025-05-15T07:58:15.251Z",
    "dateReserved": "2025-05-15T07:41:33.003Z",
    "dateUpdated": "2025-05-15T16:04:57.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4537 (GCVE-0-2025-4537)

Vulnerability from cvelistv5 – Published: 2025-05-11 09:31 – Updated: 2025-05-12 14:17
VLAI
Title
yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie
Summary
A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive information in a cookie. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-315 - Cleartext Storage of Sensitive Information in a Cookie
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
Impacted products
Vendor Product Version
yangzongzhuan RuoYi-Vue Affected: 3.8.0
Affected: 3.8.1
Affected: 3.8.2
Affected: 3.8.3
Affected: 3.8.4
Affected: 3.8.5
Affected: 3.8.6
Affected: 3.8.7
Affected: 3.8.8
Affected: 3.8.9
Create a notification for this product.
Credits
s0l42 (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4537",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-12T14:17:00.631099Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-12T14:17:03.949Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://magnificent-dill-351.notion.site/Password-Disclosure-in-RuoYi-Vue-3-8-9-1e3c693918ed80ee9799f270c8346cd4"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Password Handler"
          ],
          "product": "RuoYi-Vue",
          "vendor": "yangzongzhuan",
          "versions": [
            {
              "status": "affected",
              "version": "3.8.0"
            },
            {
              "status": "affected",
              "version": "3.8.1"
            },
            {
              "status": "affected",
              "version": "3.8.2"
            },
            {
              "status": "affected",
              "version": "3.8.3"
            },
            {
              "status": "affected",
              "version": "3.8.4"
            },
            {
              "status": "affected",
              "version": "3.8.5"
            },
            {
              "status": "affected",
              "version": "3.8.6"
            },
            {
              "status": "affected",
              "version": "3.8.7"
            },
            {
              "status": "affected",
              "version": "3.8.8"
            },
            {
              "status": "affected",
              "version": "3.8.9"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "s0l42 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.8.9 and classified as problematic. Affected by this issue is some unknown functionality of the file ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue of the component Password Handler. The manipulation leads to cleartext storage of sensitive information in a cookie. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in yangzongzhuan RuoYi-Vue bis 3.8.9 gefunden. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Datei ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue der Komponente Password Handler. Durch das Manipulieren mit unbekannten Daten kann eine cleartext storage of sensitive information in a cookie-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-315",
              "description": "Cleartext Storage of Sensitive Information in a Cookie",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-11T09:31:05.162Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-308282 | yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.308282"
        },
        {
          "name": "VDB-308282 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.308282"
        },
        {
          "name": "Submit #566469 | RuoYi-Vue 3.8.9 Information Disclosure",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.566469"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://magnificent-dill-351.notion.site/Password-Disclosure-in-RuoYi-Vue-3-8-9-1e3c693918ed80ee9799f270c8346cd4"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-10T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-05-10T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-05-10T08:12:30.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "yangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookie"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-4537",
    "datePublished": "2025-05-11T09:31:05.162Z",
    "dateReserved": "2025-05-10T06:07:27.677Z",
    "dateUpdated": "2025-05-12T14:17:03.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4394 (GCVE-0-2025-4394)

Vulnerability from cvelistv5 – Published: 2025-07-24 03:26 – Updated: 2026-03-27 19:40
VLAI
Title
Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability
Summary
Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
Impacted products
Credits
Ethan Morchy, with Somerset Recon Carl Mann, independent researcher
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4394",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-24T13:19:43.967176Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-24T13:19:47.565Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MyCareLink Patient Monitor 24950",
          "vendor": "Medtronic",
          "versions": [
            {
              "lessThan": "June 25, 2025",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MyCareLink Patient Monitor 24952",
          "vendor": "Medtronic",
          "versions": [
            {
              "lessThan": "June 25, 2025",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ethan Morchy, with Somerset Recon"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Carl Mann, independent researcher"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
            }
          ],
          "value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T19:40:02.815Z",
        "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "shortName": "Medtronic"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
    "assignerShortName": "Medtronic",
    "cveId": "CVE-2025-4394",
    "datePublished": "2025-07-24T03:26:06.706Z",
    "dateReserved": "2025-05-06T20:00:59.768Z",
    "dateUpdated": "2026-03-27T19:40:02.815Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.