CVE-2025-6513

Summary

Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.

Affected Software

VendorProductVersion RangeStatus
Bizerba SE & Co. KGBRAIN20.0 < 3.06affected

Weaknesses

  • CWE-260: CWE-260: Password in Configuration File

Workarounds

  • Deactivate not needed users or delete them
  • Ensure that only authorized users have access to the device/software

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References