The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NSmarsh Telemessage
APPSmarshwszystkie wersje
CISA KEV — detailsi
- Vendori
- TeleMessage
- Producti
- TM SGNL
- Added to KEVi
- July 1, 2025
- Remediation deadline (US Federal)i
- July 22, 2025(overdue)
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump.
Related vulnerabilities
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint ...
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing...
The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail a...
The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., no...
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) fr...