MEDIUM🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2025-48927

CVSS 5.3v3.1pub. 2025-05-28upd. 2025-11-05

The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Smarsh Telemessage

    APP
    Smarsh
    wszystkie wersje

CISA KEV — detailsi

Vendori
TeleMessage
Producti
TM SGNL
Added to KEVi
July 1, 2025
Remediation deadline (US Federal)i
July 22, 2025(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 22 lipca 2025
CWE
References

Related vulnerabilities

CVE-2025-48928MEDIUM4.0⚠ KEVten sam produkt

The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly ...

CVE-2025-48925MEDIUM4.3ten sam produkt

The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing...

CVE-2025-48926MEDIUM4.3ten sam produkt

The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail a...

CVE-2025-48929MEDIUM4.0ten sam produkt

The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., no...

CVE-2025-47730MEDIUM4.8ten sam produkt

The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) fr...