← volver
CVE-2025-10227

Lack of Encryption in Object Archive in AxxonSoft Axxon One (C-Werk) before 2.0.8

CVSS 5.1 MEDIUMEPSS 0.1%CWE-311
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
AxxonSoft · AxxonOne C-Werk

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories