Home

Description

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.

PUBLISHED Reserved 2025-10-30 | Published 2025-10-31 | Updated 2025-10-31 | Assigner bizerba




HIGH: 8.4CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-319 Cleartext Transmission of Sensitive Information

Product status

Default status
unaffected

0.0 (semver) before 3.07
affected

Timeline

2025-10-30:Release of new version BRAIN2 3.07
2025-10-30:Publish Security

References

www.bizerba.com/...on-security/2025/bizerba-sa-2025-0006.pdf

cve.org (CVE-2025-12508)

nvd.nist.gov (CVE-2025-12508)

Download JSON