CVE-2025-64778
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-02
Last updated on: 2025-12-04
Assigner: ICS-CERT
Description
Description
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nmis | biodose | * |
| nmis | biodose | 22.02 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in NMIS/BioDose software version 22.02 and earlier, where executable binaries contain hard-coded passwords in plain text. These hard-coded passwords can be used by attackers to gain unauthorized access to the application and its database.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access to the NMIS/BioDose application and its database, potentially allowing attackers to view, modify, or disrupt sensitive data and system operations, which can compromise confidentiality, integrity, and availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70