{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-7426", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "state": "PUBLISHED", "assignerShortName": "NCSC.ch", "dateReserved": "2025-07-10T09:22:44.017Z", "datePublished": "2025-08-25T08:52:47.797Z", "dateUpdated": "2025-08-25T13:47:36.182Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["ch.minova.nservice"], "platforms": ["Windows"], "product": "TTA", "vendor": "MINOVA Information Services GmbH", "versions": [{"status": "affected", "version": "11.17.0"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Stefan Mettler, Senior Penetration Tester from CRYPTRON Security GmbH"}, {"lang": "en", "type": "coordinator", "value": "Jasmin Frei, Senior Project Manager from CRYPTRON Security GmbH"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.&nbsp; Debug ports&nbsp;1602,&nbsp;1603 and&nbsp;1636 also expose service architecture information and&nbsp;system activity logs"}], "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.\u00a0 Debug ports\u00a01602,\u00a01603 and\u00a01636 also expose service architecture information and\u00a0system activity logs"}], "impacts": [{"capecId": "CAPEC-212", "descriptions": [{"lang": "en", "value": "CAPEC-212 Functionality Misuse"}]}, {"capecId": "CAPEC-131", "descriptions": [{"lang": "en", "value": "CAPEC-131 Resource Leak Exposure"}]}, {"capecId": "CAPEC-155", "descriptions": [{"lang": "en", "value": "CAPEC-155 Screen Temporary Files for Sensitive Information"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-312", "description": "CWE-312 Cleartext Storage of Sensitive Information", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2025-08-25T08:52:47.797Z"}, "references": [{"tags": ["product"], "url": "https://www.minova.de/de/tta.html"}, {"tags": ["technical-description", "third-party-advisory"], "url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Security patch for all MINOVA TTA releases in progress.</p>\n\n<br>"}], "value": "Security patch for all MINOVA TTA releases in progress."}], "source": {"discovery": "INTERNAL"}, "timeline": [{"lang": "en", "time": "2025-05-08T22:00:00.000Z", "value": "First contact with the vendor - no response"}, {"lang": "en", "time": "2025-05-25T22:00:00.000Z", "value": "Second mail to the vendor - no response"}, {"lang": "en", "time": "2025-06-19T22:00:00.000Z", "value": "Third mail to the vendor and response received on the same day"}, {"lang": "en", "time": "2025-06-22T22:00:00.000Z", "value": "Exchange of the security report to the vendor"}, {"lang": "en", "time": "2025-07-07T22:00:00.000Z", "value": "Confirmation of the vulnerability by the vendor"}, {"lang": "en", "time": "2025-08-25T09:59:00.000Z", "value": "Planned public disclosure (CVE publication)"}], "title": "MINOVA TTA Information Disclosure and Credential Exposure", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Disable the output of debug information with sensitive content for the Minova TTA services on port/tcp 1602, 1603,&nbsp;1604, 1636.</p>\n\n<br>"}], "value": "Disable the output of debug information with sensitive content for the Minova TTA services on port/tcp 1602, 1603,\u00a01604, 1636."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"references": [{"url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-25T13:47:32.941835Z", "id": "CVE-2025-7426", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-25T13:47:36.182Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7426", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-25T13:47:32.941835Z"}}}], "references": [{"url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-25T13:47:13.690Z"}}], "cna": {"title": "MINOVA TTA Information Disclosure and Credential Exposure", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Stefan Mettler, Senior Penetration Tester from CRYPTRON Security GmbH"}, {"lang": "en", "type": "coordinator", "value": "Jasmin Frei, Senior Project Manager from CRYPTRON Security GmbH"}], "impacts": [{"capecId": "CAPEC-212", "descriptions": [{"lang": "en", "value": "CAPEC-212 Functionality Misuse"}]}, {"capecId": "CAPEC-131", "descriptions": [{"lang": "en", "value": "CAPEC-131 Resource Leak Exposure"}]}, {"capecId": "CAPEC-155", "descriptions": [{"lang": "en", "value": "CAPEC-155 Screen Temporary Files for Sensitive Information"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MINOVA Information Services GmbH", "modules": ["ch.minova.nservice"], "product": "TTA", "versions": [{"status": "affected", "version": "11.17.0"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-05-08T22:00:00.000Z", "value": "First contact with the vendor - no response"}, {"lang": "en", "time": "2025-05-25T22:00:00.000Z", "value": "Second mail to the vendor - no response"}, {"lang": "en", "time": "2025-06-19T22:00:00.000Z", "value": "Third mail to the vendor and response received on the same day"}, {"lang": "en", "time": "2025-06-22T22:00:00.000Z", "value": "Exchange of the security report to the vendor"}, {"lang": "en", "time": "2025-07-07T22:00:00.000Z", "value": "Confirmation of the vulnerability by the vendor"}, {"lang": "en", "time": "2025-08-25T09:59:00.000Z", "value": "Planned public disclosure (CVE publication)"}], "solutions": [{"lang": "en", "value": "Security patch for all MINOVA TTA releases in progress.", "supportingMedia": [{"type": "text/html", "value": "<p>Security patch for all MINOVA TTA releases in progress.</p>\n\n<br>", "base64": false}]}], "references": [{"url": "https://www.minova.de/de/tta.html", "tags": ["product"]}, {"url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html", "tags": ["technical-description", "third-party-advisory"]}], "workarounds": [{"lang": "en", "value": "Disable the output of debug information with sensitive content for the Minova TTA services on port/tcp 1602, 1603,\u00a01604, 1636.", "supportingMedia": [{"type": "text/html", "value": "<p>Disable the output of debug information with sensitive content for the Minova TTA services on port/tcp 1602, 1603,&nbsp;1604, 1636.</p>\n\n<br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.\u00a0 Debug ports\u00a01602,\u00a01603 and\u00a01636 also expose service architecture information and\u00a0system activity logs", "supportingMedia": [{"type": "text/html", "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.&nbsp; Debug ports&nbsp;1602,&nbsp;1603 and&nbsp;1636 also expose service architecture information and&nbsp;system activity logs", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-312", "description": "CWE-312 Cleartext Storage of Sensitive Information"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532 Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "455daabc-a392-441d-aa46-37d35189897c", "shortName": "NCSC.ch", "dateUpdated": "2025-08-25T08:52:47.797Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7426", "state": "PUBLISHED", "dateUpdated": "2025-08-25T13:47:36.182Z", "dateReserved": "2025-07-10T09:22:44.017Z", "assignerOrgId": "455daabc-a392-441d-aa46-37d35189897c", "datePublished": "2025-08-25T08:52:47.797Z", "assignerShortName": "NCSC.ch"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse.\u00a0 Debug ports\u00a01602,\u00a01603 and\u00a01636 also expose service architecture information and\u00a0system activity logs"}, {"lang": "es", "value": "Divulgaci\u00f3n de informaci\u00f3n y exposici\u00f3n de credenciales FTP de autenticaci\u00f3n a trav\u00e9s del puerto de depuraci\u00f3n 1604 del servicio MINOVA TTA. Esto permite el acceso remoto no autenticado a una cuenta FTP activa que contiene datos internos confidenciales y estructuras de importaci\u00f3n. En entornos donde este servidor FTP forma parte de procesos de negocio automatizados (p. ej., EDI o integraci\u00f3n de datos), esto podr\u00eda dar lugar a la manipulaci\u00f3n, extracci\u00f3n o abuso de datos. Los puertos de depuraci\u00f3n 1602, 1603 y 1636 tambi\u00e9n exponen informaci\u00f3n de la arquitectura del servicio y registros de actividad del sistema."}], "id": "CVE-2025-7426", "lastModified": "2025-08-25T20:24:45.327", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-08-25T09:15:29.110", "references": [{"source": "[email protected]", "url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html"}, {"source": "[email protected]", "url": "https://www.minova.de/de/tta.html"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://www.cryptron.ch/en/blog-detail/security-advisory-CVE-2025-7426-en.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-312"}, {"lang": "en", "value": "CWE-532"}], "source": "[email protected]", "type": "Secondary"}]}

{}