- Description
- Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse. Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs
- Source
- vulnerability@ncsc.ch
- NVD status
- Deferred
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- vulnerability@ncsc.ch
- CWE-200
- Hype score
- Not currently trending
🚨 CRITICAL alert: CVE-2025-7426 in MINOVA TTA v11.17.0 leaks FTP creds via debug port 1604 — risk of data breach for EU orgs! Isolate/debug ports & rotate creds now. https://t.co/7Oge5Rf2W4 #OffSeq #infosec #d... https://t.co/CZ678dh5Dz
@offseq
25 Aug 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-7426 Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to a… https://t.co/hcRAWaY4Tc
@CVEnew
25 Aug 2025
462 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-7426: CRITICAL] Critical cyber security alert! Unauthenticated access to active FTP account containing sensitive data due to FTP credentials exposure on debug port 1604 in MINOVA TTA service. Other d...#cve,CVE-2025-7426,#cybersecurity https://t.co/4VOfy0XmLU https://t.
@CveFindCom
25 Aug 2025
106 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes