CVE-2026-25607

Summary

Use of a weak password encoding algorithm in STER software allows the value of the password to be guessed after analyzing how passwords with known values are encoded.

This issue was fixed in version 9.5.

Affected Software

VendorProductVersion RangeStatus
Centralny Instytut Ochrony Pracy - Państwowy Instytut BadawczySTER0 < 9.5affected

Weaknesses

  • CWE-261: CWE-261 Weak Encoding for Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References