Description

Information disclosure and exposure of FTP authentication credentials over debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse. Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs.

PUBLISHED Reserved 2025-07-10 | Published 2025-08-25 | Updated 2025-08-25 | Assigner NCSC.ch




CRITICAL: 9.3

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-312 Cleartext Storage of Sensitive Information

CWE-532 Insertion of Sensitive Information into Log File

Product status

Default status: unaffected

11.17.0: affected

Timeline

2025-05-08: First contact with the vendor - no response
2025-05-25: Second mail to the vendor - no response
2025-06-19: Third mail to the vendor and response received on the same day
2025-06-22: Exchange of the security report to the vendor
2025-07-07: Confirmation of the vulnerability by the vendor
2025-08-25: Planned public disclosure (CVE publication)

Credits

Stefan Mettler, Senior Penetration Tester from CRYPTRON Security GmbH (finder)

Jasmin Frei, Senior Project Manager from CRYPTRON Security GmbH (coordinator)

References

www.minova.de/de/tta.html (product)

www.cryptron.ch/...l/security-advisory-CVE-2025-7426-en.html (technical-description, third-party-advisory)

cve.org (CVE-2025-7426)

nvd.nist.gov (CVE-2025-7426)
