CVE-2025-31362 LOW

CVE-2025-31362

Vendor Open, Inc.
Product BizRobo!
Weakness CWE-321
Published April 11, 2025
Last update April 11, 2025

CVSS base score

3.7/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides the workaround information and recommends to apply it to the deployment environment.

Key dates

02Disclosure timeline

April 11, 2025 CVE published
April 11, 2025 Record updated