CVE-2025-7426

Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse. Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs

CVSS

No CVSS.

References

Link	Resource
https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html
https://www.minova.de/de/tta.html
https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html

Configurations

No configuration.

History

25 Aug 2025, 14:15

Type	Values Removed	Values Added
Summary		(es) Divulgación de información y exposición de credenciales FTP de autenticación a través del puerto de depuración 1604 del servicio MINOVA TTA. Esto permite el acceso remoto no autenticado a una cuenta FTP activa que contiene datos internos confidenciales y estructuras de importación. En entornos donde este servidor FTP forma parte de procesos de negocio automatizados (p. ej., EDI o integración de datos), esto podría dar lugar a la manipulación, extracción o abuso de datos. Los puertos de depuración 1602, 1603 y 1636 también exponen información de la arquitectura del servicio y registros de actividad del sistema.
References	~~() https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html -~~	() https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html -

25 Aug 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-25 09:15

Updated : 2025-08-25 20:24

NVD link : CVE-2025-7426

Mitre link : CVE-2025-7426

CVE.ORG link : CVE-2025-7426

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-312

Cleartext Storage of Sensitive Information

CWE-532

Insertion of Sensitive Information into Log File

{"id": "CVE-2025-7426", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "vulnerability@ncsc.ch", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-25T09:15:29.110", "references": [{"url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html", "source": "vulnerability@ncsc.ch"}, {"url": "https://www.minova.de/de/tta.html", "source": "vulnerability@ncsc.ch"}, {"url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "vulnerability@ncsc.ch", "description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-312"}, {"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.\u00a0 Debug ports\u00a01602,\u00a01603 and\u00a01636 also expose service architecture information and\u00a0system activity logs"}, {"lang": "es", "value": "Divulgaci\u00f3n de informaci\u00f3n y exposici\u00f3n de credenciales FTP de autenticaci\u00f3n a trav\u00e9s del puerto de depuraci\u00f3n 1604 del servicio MINOVA TTA. Esto permite el acceso remoto no autenticado a una cuenta FTP activa que contiene datos internos confidenciales y estructuras de importaci\u00f3n. En entornos donde este servidor FTP forma parte de procesos de negocio automatizados (p. ej., EDI o integraci\u00f3n de datos), esto podr\u00eda dar lugar a la manipulaci\u00f3n, extracci\u00f3n o abuso de datos. Los puertos de depuraci\u00f3n 1602, 1603 y 1636 tambi\u00e9n exponen informaci\u00f3n de la arquitectura del servicio y registros de actividad del sistema."}], "lastModified": "2025-08-25T20:24:45.327", "sourceIdentifier": "vulnerability@ncsc.ch"}