CVE-2025-48928

Published May 28, 2025

Last updated 4 months ago

Exploit knownCVSS medium 4.0
TeleMessage

Overview

Description
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
Source
cve@mitre.org
NVD status
Analyzed
CNA Tags
exclusively-hosted-service
Products
telemessage

Risk scores

CVSS 3.1

Type
Secondary
Base score
4
Impact score
1.4
Exploitability score
2.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

Known exploits

Data from CISA

Vulnerability name
TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability
Exploit added on
Jul 1, 2025
Exploit action due
Jul 22, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

cve@mitre.org
CWE-528
nvd@nist.gov
CWE-552

Social media

Hype score
Not currently trending

  1. 🔴 TeleMessage, Heap Memory Exposure, #CVE-2025-48928 (Critical) https://t.co/cY4S0uE5RB

    @dailycve

    5 Jul 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-48928 #TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability https://t.co/PeSWIqpOzJ

    @ScyScan

    1 Jul 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🛡️ We added TeleMessage TM SGNL vulnerabilities CVE-2025-48927 & CVE-2025-48928 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/l0pDQQ9klz

    @CISACyber

    1 Jul 2025

    6442 Impressions

    12 Retweets

    29 Likes

    8 Bookmarks

    1 Reply

    0 Quotes

  4. CVE-2025-48928 The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previous… https://t.co/InjioUobAT

    @CVEnew

    28 May 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues.CVE-2025-48930
  2. The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered by an adversary.CVE-2025-48929
  3. The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort.CVE-2025-48931
  4. The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers.CVE-2025-48926
  5. TeleMessage TM SGNL Initialization of a Resource with an Insecure Default VulnerabilityCVE-2025-48927

References

Sources include official advisories and independent security research.