BRAIN2 Configuration file for database access not sufficiently secured

June 23, 2025 invoker category_cve

CVE Details

Basic Information

Title BRAIN2 Configuration file for database access not sufficiently secured
Type cve
Published 2025-06-23T12:37:55.000Z
Last Seen

Product Information

Vendor Bizerba SE & Co. KG
Product BRAIN2
Version 0.0

CVSS Information

Base Score 9.3 (CRITICAL)
Attack Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Confidentiality Impact
Integrity Impact
Availability Impact

AI Analysis

AI Description A vulnerability in BRAIN2 allows standard Windows users to access and decrypt the database configuration file, potentially exposing sensitive data.
AI Severity Critical
Vendor Bizerba SE & Co. KG
Product BRAIN2
Affected Version 0.0

Affected Products

  • Bizerba SE & Co. KG BRAIN2 0.0

Additional Information

CVE List
CWE List CWE-260
Bulletin Family

Description

Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.