CVE-2025-26849

Summary

There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions. This key can be used to decrypt inventory files that contain sensitive information such as firewall rules.

Affected Software

VendorProductVersion RangeStatus
DocusnapDocusnap13.0.1440.24261affected

Weaknesses

  • CWE-1394: CWE-1394 Use of Default Cryptographic Key

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References