AI description
CVE-2025-48927 is a vulnerability found in the TeleMessage TM SGNL platform. It is due to an insecure default configuration of the Spring Boot Actuator, which exposes the `/heapdump` endpoint. This flaw is categorized as an Initialization of a Resource with an Insecure Default (CWE-1188). Attackers can exploit this exposed endpoint to access sensitive memory dumps. This could lead to unauthorized data access or privilege escalation. CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog and has issued an urgent advisory, setting a remediation deadline of July 22, 2025, for federal agencies.
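For context on the misconfiguration class this record describes, the fragments below are an added illustration and are not taken from this record or from TeleMessage's configuration. They use Spring Boot 2.x/3.x Actuator property names (Spring Boot 1.x uses a different property namespace, and 1.x served endpoints at the web root, which is where a bare `/heapdump` URI comes from; 2.x and later default to `/actuator/heapdump`). Fragment A shows the over-broad exposure that makes a live JVM heap retrievable over HTTP; fragment B shows a restricted configuration. The two fragments are alternatives and should not be placed in the same file, since later properties override earlier ones.

```properties
# Added example (not from the CVE record or the vendor): two alternative
# application.properties fragments for the Spring Boot Actuator.

# ---------- Fragment A: weak setting ----------
# Exposes every actuator endpoint over the web, including heapdump.
# A heap dump is the full live memory of the JVM: credentials, tokens and
# application data held in memory at that moment are all included.
management.endpoints.web.exposure.include=*

# ---------- Fragment B: restricted setting ----------
# Opt in to the two endpoints monitoring actually needs and nothing else.
management.endpoints.enabled-by-default=false
management.endpoint.health.enabled=true
management.endpoint.info.enabled=true
management.endpoints.web.exposure.include=health,info

# Belt and braces: even if the include list is later widened, keep the
# memory- and environment-revealing endpoints disabled and excluded.
management.endpoint.heapdump.enabled=false
management.endpoints.web.exposure.exclude=heapdump,env,threaddump

# Serve management endpoints on a separate port bound to loopback so they
# are reachable by local monitoring only, not from the public interface.
management.server.port=8081
management.server.address=127.0.0.1
```

After deploying fragment B, a request to the heap dump path on the public interface of your own deployment should return 404 (or a connection refusal on the management port), which is a quick post-change check that the endpoint is no longer served.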
- Description: The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.
- Source: cve@mitre.org
- NVD status: Analyzed
- CNA Tags: exclusively-hosted-service
CVSS 3.1
- Type: Secondary
- Base score: 5.3
- Impact score: 1.4
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity: MEDIUM
Data from CISA
- Vulnerability name: TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability
- Exploit added on: Jul 1, 2025
- Exploit action due: Jul 22, 2025
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Weakness: CWE-1188 (source: cve@mitre.org)
- Hype score: Not currently trending
🔴 TeleMessage, Exposed Heap Dump Endpoint, #CVE-2025-48927 (Critical) https://t.co/QfgsUgFAbc
@dailycve
5 Jul 2025
CVE-2025-53602 Zipkin through 3.5.1 has a /heapdump endpoint (associated with the use of Spring Boot Actuator), a similar issue to CVE-2025-48927. https://t.co/LZkesXC9Tr
@CVEnew
4 Jul 2025
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-48927 #TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability https://t.co/IFzB9sfZFT
@ScyScan
1 Jul 2025
🛡️ We added TeleMessage TM SGNL vulnerabilities CVE-2025-48927 & CVE-2025-48928 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/l0pDQQ9klz
@CISACyber
1 Jul 2025
CVE-2025-48927 The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025. https://t.co/j4ja2ElxxJ
@CVEnew
28 May 2025
```json
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:smarsh:telemessage:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B293A52C-05E4-41AE-B9BD-759E67B53996"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
```