CVE-2025-48927

Published May 28, 2025

Last updated 15 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-48927 is a vulnerability found in the TeleMessage TM SGNL platform. It is due to an insecure default configuration of the Spring Boot Actuator, which exposes the `/heapdump` endpoint. This flaw is categorized as an Initialization of a Resource with an Insecure Default (CWE-1188). Attackers can exploit this exposed endpoint to access sensitive memory dumps. This could lead to unauthorized data access or privilege escalation. CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog and has issued an urgent advisory, setting a remediation deadline of July 22, 2025, for federal agencies.

Description
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025.
Source
cve@mitre.org
NVD status
Analyzed
CNA Tags
exclusively-hosted-service

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.3
Impact score
1.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

Known exploits

Data from CISA

Vulnerability name
TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability
Exploit added on
Jul 1, 2025
Exploit action due
Jul 22, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

cve@mitre.org
CWE-1188

Social media

Hype score
Not currently trending

Configurations