CVE-2025-26849 MEDIUM

CVE-2025-26849

Vendor Docusnap
Product Docusnap
Weakness CWE-1394
Published March 4, 2025
Last update March 5, 2025

CVSS base score

4.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions. This key can be used to decrypt inventory files that contain sensitive information such as firewall rules.

Key dates

02Disclosure timeline

March 4, 2025 CVE published
March 5, 2025 Record updated