CVE-2025-26318 MEDIUM

CVE-2025-26318

Vendor Tsplus
Product TSplus Remote Access
Weakness CWE-201
Published March 4, 2025
Last update August 26, 2025

CVSS base score

5.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connected to the application.

Key dates

02Disclosure timeline

March 4, 2025 CVE published
August 26, 2025 Record updated

Related vulnerabilities

04Related CVE