PULSE
LIVE19signals / 24h
FEED
ransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcare
← All CVEs
CVE Watch

CVE-2025-48928

TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability

CVSS

No CVSS

EPSS

0.4%

p29

KEV

YES

Jul 1, 2025

Exploit Today

59

0-100

Published: · Last modified:

EPSS · 30d
0.4%EPSS · 30 days0.4%
2026-06-302026-07-17
KEV catalog record

Product

TeleMessage / TM SGNL

Vulnerability

TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability

Added to KEV

Jul 1, 2025

Remediate by

Jul 22, 2025

Known ransomware use

No

Summary description

TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump.

Required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Notes

It is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue use of the product. ; https://nvd.nist.gov/vuln/detail/CVE-2025-48928

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-48927
94.4%
KEV78TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability
CVE-2025-47729
33.0%
KEV60TeleMessage TM SGNL Hidden Functionality Vulnerability