CVE-2025-47729
CVE-2025-47729
In short
TeleMessage's archiving system stores unencrypted copies of messages from the Archive Signal app, contradicting the company's claims about end-to-end encryption. This means archived messages can be read by anyone with access to the storage system.
Technical detail
The TeleMessage archiving backend stores cleartext message copies despite documentation claiming end-to-end encryption from mobile to archive. Threat actors with backend access or during transit can read archived messages; exploitation has been observed in the wild as of May 2025.
Summary generated and translated by AI from the official description.
The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
Affected products
TeleMessage · archiving backendWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://arstechnica.com/security/2025/05/signal-clone-used-by-trump-official-stops-operations-after-report-it-was-hacked/https://news.ycombinator.com/item?id=43909220https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-47729https://www.theregister.com/2025/05/05/telemessage_investigating/