
    6 vulnerabilities by Bizerba

    CVE-2025-12509 (GCVE-0-2025-12509)

    Vulnerability from cvelistv5 – Published: 2025-10-31 15:51 – Updated: 2025-10-31 17:43
    Title
    Scripts for the module Global_Shipping executable on BRAIN2 Server
    Summary
    On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
    Assigner
    Impacted products
    Vendor Product Version
    Bizerba BRAIN2 Affected: 0.0 , < 3.07 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12509",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T17:43:42.387454Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T17:43:51.160Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows"
              ],
              "product": "BRAIN2",
              "vendor": "Bizerba",
              "versions": [
                {
                  "lessThan": "3.07",
                  "status": "affected",
                  "version": "0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:bizerba:brain2:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "3.07",
                      "versionStartIncluding": "0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights."
                }
              ],
              "value": "On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-829",
                  "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T15:51:25.120Z",
            "orgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
            "shortName": "bizerba"
          },
          "references": [
            {
              "url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0007.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to version 3.07"
                }
              ],
              "value": "Update to version 3.07"
            }
          ],
          "source": {
            "advisory": "BIZERBA-SA-2025-0007",
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Release of new version BRAIN2 3.07"
            },
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Publish Security Advisory"
            }
          ],
          "title": "Scripts for the module Global_Shipping executable on BRAIN2 Server",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "BRAIN2 users can be deprived of the right to implement Global_Shipping scripts.\u003cbr\u003e"
                }
              ],
              "value": "BRAIN2 users can be deprived of the right to implement Global_Shipping scripts."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
        "assignerShortName": "bizerba",
        "cveId": "CVE-2025-12509",
        "datePublished": "2025-10-31T15:51:25.120Z",
        "dateReserved": "2025-10-30T14:08:51.595Z",
        "dateUpdated": "2025-10-31T17:43:51.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12508 (GCVE-0-2025-12508)

    Vulnerability from cvelistv5 – Published: 2025-10-31 15:49 – Updated: 2025-10-31 17:44
    Title
    Unencrypted communication to Active Directory services
    Summary
    When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Bizerba BRAIN2 Affected: 0.0 , < 3.07 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12508",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T17:44:19.445267Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T17:44:27.867Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "BRAIN2",
              "vendor": "Bizerba",
              "versions": [
                {
                  "lessThan": "3.07",
                  "status": "affected",
                  "version": "0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:bizerba:brain2:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "3.07",
                      "versionStartIncluding": "0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality."
                }
              ],
              "value": "When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T15:49:54.429Z",
            "orgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
            "shortName": "bizerba"
          },
          "references": [
            {
              "url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0006.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to version 3.07\u003cbr\u003e"
                }
              ],
              "value": "Update to version 3.07"
            }
          ],
          "source": {
            "advisory": "BIZERBA-SA-2025-0006",
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Release of new version BRAIN2 3.07"
            },
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Publish Security"
            }
          ],
          "title": "Unencrypted communication to Active Directory services",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Do not use domain users as BRAIN2 users in unprotected networks. Use local BRAIN2 users instead."
                }
              ],
              "value": "Do not use domain users as BRAIN2 users in unprotected networks. Use local BRAIN2 users instead."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
        "assignerShortName": "bizerba",
        "cveId": "CVE-2025-12508",
        "datePublished": "2025-10-31T15:49:54.429Z",
        "dateReserved": "2025-10-30T14:08:50.565Z",
        "dateUpdated": "2025-10-31T17:44:27.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12507 (GCVE-0-2025-12507)

    Vulnerability from cvelistv5 – Published: 2025-10-31 15:48 – Updated: 2025-10-31 18:17
    Title
    Insecure service configuration – unquoted path
    Summary
    The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-428 - Unquoted Search Path or Element
    Assigner
    Impacted products
    Vendor Product Version
    Bizerba _connect.BRAIN Affected: 0.0 , < 5.02 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T18:17:08.521501Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T18:17:20.171Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows"
              ],
              "product": "_connect.BRAIN",
              "vendor": "Bizerba",
              "versions": [
                {
                  "lessThan": "5.02",
                  "status": "affected",
                  "version": "0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:bizerba:_connect.brain:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "5.02",
                      "versionStartIncluding": "0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.\u003cbr\u003e"
                }
              ],
              "value": "The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-428",
                  "description": "CWE-428 Unquoted Search Path or Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T15:48:36.371Z",
            "orgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
            "shortName": "bizerba"
          },
          "references": [
            {
              "url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0005.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to version \u2265 5.02\u003cbr\u003e"
                }
              ],
              "value": "Update to version \u2265 5.02"
            }
          ],
          "source": {
            "advisory": "BIZERBA-SA-2025-0005",
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2025-01-15T23:00:00.000Z",
              "value": "Release of new Version _connect.BRAIN 5.02"
            },
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Publish Security Advisory"
            }
          ],
          "title": "Insecure service configuration \u2013 unquoted path",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Enclose the service path in the registry in quotes: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\BCS\\ImagePath\u003cbr\u003e"
                }
              ],
              "value": "Enclose the service path in the registry in quotes: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\BCS\\ImagePath"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
        "assignerShortName": "bizerba",
        "cveId": "CVE-2025-12507",
        "datePublished": "2025-10-31T15:48:36.371Z",
        "dateReserved": "2025-10-30T14:08:49.409Z",
        "dateUpdated": "2025-10-31T18:17:20.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12509 (GCVE-0-2025-12509)

    Vulnerability from nvd – Published: 2025-10-31 15:51 – Updated: 2025-10-31 17:43
    Title
    Scripts for the module Global_Shipping executable on BRAIN2 Server
    Summary
    On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
    Assigner
    Impacted products
    Vendor Product Version
    Bizerba BRAIN2 Affected: 0.0 , < 3.07 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12509",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T17:43:42.387454Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T17:43:51.160Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows"
              ],
              "product": "BRAIN2",
              "vendor": "Bizerba",
              "versions": [
                {
                  "lessThan": "3.07",
                  "status": "affected",
                  "version": "0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:bizerba:brain2:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "3.07",
                      "versionStartIncluding": "0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights."
                }
              ],
              "value": "On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-829",
                  "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T15:51:25.120Z",
            "orgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
            "shortName": "bizerba"
          },
          "references": [
            {
              "url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0007.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to version 3.07"
                }
              ],
              "value": "Update to version 3.07"
            }
          ],
          "source": {
            "advisory": "BIZERBA-SA-2025-0007",
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Release of new version BRAIN2 3.07"
            },
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Publish Security Advisory"
            }
          ],
          "title": "Scripts for the module Global_Shipping executable on BRAIN2 Server",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "BRAIN2 users can be deprived of the right to implement Global_Shipping scripts.\u003cbr\u003e"
                }
              ],
              "value": "BRAIN2 users can be deprived of the right to implement Global_Shipping scripts."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
        "assignerShortName": "bizerba",
        "cveId": "CVE-2025-12509",
        "datePublished": "2025-10-31T15:51:25.120Z",
        "dateReserved": "2025-10-30T14:08:51.595Z",
        "dateUpdated": "2025-10-31T17:43:51.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12508 (GCVE-0-2025-12508)

    Vulnerability from nvd – Published: 2025-10-31 15:49 – Updated: 2025-10-31 17:44
    Title
    Unencrypted communication to Active Directory services
    Summary
    When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Bizerba BRAIN2 Affected: 0.0 , < 3.07 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12508",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T17:44:19.445267Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T17:44:27.867Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "BRAIN2",
              "vendor": "Bizerba",
              "versions": [
                {
                  "lessThan": "3.07",
                  "status": "affected",
                  "version": "0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:bizerba:brain2:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "3.07",
                      "versionStartIncluding": "0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality."
                }
              ],
              "value": "When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-319",
                  "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T15:49:54.429Z",
            "orgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
            "shortName": "bizerba"
          },
          "references": [
            {
              "url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0006.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to version 3.07\u003cbr\u003e"
                }
              ],
              "value": "Update to version 3.07"
            }
          ],
          "source": {
            "advisory": "BIZERBA-SA-2025-0006",
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Release of new version BRAIN2 3.07"
            },
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Publish Security Advisory"
            }
          ],
          "title": "Unencrypted communication to Active Directory services",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Do not use domain users as BRAIN2 users in unprotected networks. Use local BRAIN2 users instead."
                }
              ],
              "value": "Do not use domain users as BRAIN2 users in unprotected networks. Use local BRAIN2 users instead."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
        "assignerShortName": "bizerba",
        "cveId": "CVE-2025-12508",
        "datePublished": "2025-10-31T15:49:54.429Z",
        "dateReserved": "2025-10-30T14:08:50.565Z",
        "dateUpdated": "2025-10-31T17:44:27.867Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12507 (GCVE-0-2025-12507)

    Vulnerability from nvd – Published: 2025-10-31 15:48 – Updated: 2025-10-31 18:17
    VLAI
    Title
    Insecure service configuration – unquoted path
    Summary
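    The service Bizerba Communication Server (BCS) has an unquoted service path. Because the path is not enclosed in quotes, Windows can resolve it to a different executable than the intended BCS binary when the service starts, so a malicious program placed at such a location is executed in its place.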
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-428 - Unquoted Search Path or Element
    Assigner
    Impacted products
    Vendor Product Version
    Bizerba _connect.BRAIN Affected: 0.0 , < 5.02 (semver)

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T18:17:08.521501Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T18:17:20.171Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "platforms": [
                "Windows"
              ],
              "product": "_connect.BRAIN",
              "vendor": "Bizerba",
              "versions": [
                {
                  "lessThan": "5.02",
                  "status": "affected",
                  "version": "0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:bizerba:_connect.brain:*:*:windows:*:*:*:*:*",
                      "versionEndExcluding": "5.02",
                      "versionStartIncluding": "0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.\u003cbr\u003e"
                }
              ],
              "value": "The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-428",
                  "description": "CWE-428 Unquoted Search Path or Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T15:48:36.371Z",
            "orgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
            "shortName": "bizerba"
          },
          "references": [
            {
              "url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0005.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update to version \u2265 5.02\u003cbr\u003e"
                }
              ],
              "value": "Update to version \u2265 5.02"
            }
          ],
          "source": {
            "advisory": "BIZERBA-SA-2025-0005",
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2025-01-15T23:00:00.000Z",
              "value": "Release of new Version _connect.BRAIN 5.02"
            },
            {
              "lang": "en",
              "time": "2025-10-30T23:00:00.000Z",
              "value": "Publish Security Advisory"
            }
          ],
          "title": "Insecure service configuration \u2013 unquoted path",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Enclose the service path in the registry in quotes: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\BCS\\ImagePath\u003cbr\u003e"
                }
              ],
              "value": "Enclose the service path in the registry in quotes: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\BCS\\ImagePath"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
        "assignerShortName": "bizerba",
        "cveId": "CVE-2025-12507",
        "datePublished": "2025-10-31T15:48:36.371Z",
        "dateReserved": "2025-10-30T14:08:49.409Z",
        "dateUpdated": "2025-10-31T18:17:20.171Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }