CVE-2025-48928
TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability
CVSS
—
No CVSS
EPSS
0.4%
p29
KEV
YES
Jul 1, 2025
Exploit Today
59
0-100
Published: — · Last modified: —
Product
TeleMessage / TM SGNL
Vulnerability
TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability
Added to KEV
Jul 1, 2025
Remediate by
Jul 22, 2025
Known ransomware use
No
Summary description
TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump.
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes
It is recommended that mitigations be applied per vendor instructions if available. If these instructions cannot be located or if mitigations are unavailable, discontinue use of the product. ; https://nvd.nist.gov/vuln/detail/CVE-2025-48928