CVE-2025-31362 | THREATINT

Description

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides the workaround information and recommends to apply it to the deployment environment.

PUBLISHED Reserved 2025-04-02 | Published 2025-04-11 | Updated 2025-04-11 | Assigner jpcert

LOW: 3.7CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

Use of hard-coded cryptographic key

Product status

all versions

affected

References

knowledge.bizrobo.com/hc/ja/articles/39951710517145

knowledge.bizrobo.com/hc/ja/articles/39952052043289

knowledge.bizrobo.com/hc/ja/articles/39953373809305

knowledge.bizrobo.com/hc/ja/articles/360029772271

jvn.jp/en/jp/JVN30641875/

cve.org (CVE-2025-31362)

nvd.nist.gov (CVE-2025-31362)

Download JSON