AI description
CVE-2025-48928 affects TeleMessage TM SGNL and involves the exposure of a core dump file to an unauthorized control sphere. The vulnerability stems from a JSP application where the heap content is similar to a "core dump," potentially including passwords transmitted over HTTP. If the heap dump is not properly secured, unauthorized parties could retrieve this sensitive data. This vulnerability, categorized as CWE-528, can allow attackers to extract credentials or confidential messages from exposed dump files, threatening both data privacy and system integrity. It has been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog, indicating active exploitation in the wild.
- Description
- The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- CNA Tags
- exclusively-hosted-service
CVSS 3.1
- Type
- Secondary
- Base score
- 4
- Impact score
- 1.4
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
Data from CISA
- Vulnerability name
- TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability
- Exploit added on
- Jul 1, 2025
- Exploit action due
- Jul 22, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
🔴 TeleMessage, Heap Memory Exposure, #CVE-2025-48928 (Critical) https://t.co/cY4S0uE5RB
@dailycve
5 Jul 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-48928 #TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability https://t.co/PeSWIqpOzJ
@ScyScan
1 Jul 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added TeleMessage TM SGNL vulnerabilities CVE-2025-48927 & CVE-2025-48928 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/l0pDQQ9klz
@CISACyber
1 Jul 2025
6442 Impressions
12 Retweets
29 Likes
8 Bookmarks
1 Reply
0 Quotes
CVE-2025-48928 The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previous… https://t.co/InjioUobAT
@CVEnew
28 May 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:smarsh:telemessage:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B293A52C-05E4-41AE-B9BD-759E67B53996"
}
],
"operator": "OR"
}
]
}
]