CVE-2025-64308
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-15

Last updated on: 2025-11-15

Assigner: ICS-CERT

Description
The Brightpick Mission Control web application exposes hardcoded credentials in its client-side JavaScript bundle.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-15
Last Modified
2025-11-15
Generated
2026-06-16
AI Q&A
2025-11-15
EPSS Evaluated
2026-06-15
NVD
CVE-2025-64308
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
brightpick mission_control *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-523 Login pages do not use adequate measures to protect the user name and password while they are in transit from the client to the server.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

Exposing hardcoded credentials increases the risk of unauthorized access to sensitive data, which can lead to violations of data protection regulations such as GDPR and HIPAA. Organizations may face compliance issues, legal penalties, and reputational damage if such vulnerabilities lead to data breaches involving personal or protected health information.

Executive Summary

This vulnerability involves the Brightpick Mission Control web application exposing hardcoded credentials within its client-side JavaScript bundle. This means that sensitive login information is embedded directly in the code that is sent to users' browsers, making it accessible to anyone who inspects the web application's code.

Impact Analysis

The exposure of hardcoded credentials can allow unauthorized attackers to gain access to the application or its backend systems without needing to bypass authentication. This can lead to unauthorized access, data breaches, and potential compromise of sensitive information or system control.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-64308. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart