CVE-2025-2079

Summary

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT (JSON Web Token) sessions.

Affected Software

VendorProductVersion RangeStatus
Optigo NetworksVisual BACnet Capture Tool3.1.2rc11affected
Optigo NetworksOptigo Visual Networks Capture Tool3.1.2rc11affected

Weaknesses

  • CWE-547: CWE-547 Use of Hard-Coded, Security-Relevant Constants

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References