CVE-2025-59100
BaseFortify
Publication date: 2026-01-26
Last updated on: 2026-01-26
Assigner: SEC Consult Vulnerability Lab
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The exported database contains passwords, card PINs and encrypted keys, so an export that stays readable without authentication is a disclosure of personal and credential data. Under GDPR and HIPAA such a disclosure could constitute a reportable data breach and is a failure of the access-control and confidentiality safeguards those regulations require. The flaw weakens compliance in two ways: the export is not reliably deleted, and reading it needs no authentication.
Can you explain this vulnerability to me?
The device's web interface offers an export of its internal SQLite database. After the export the device is supposed to reboot and delete the exported file. In some cases the reboot does not happen, or the file survives the reboot. Because the export is written to a location the web server serves without authentication, anyone who can reach the web interface can download the database and read the passwords, card PINs and encrypted Mifare sitekeys inside it, without logging in. That is the CWE-285 weakness listed above: a sensitive resource is served without any authorization check.
How can this vulnerability impact me?
Anyone able to reach the device's web interface can obtain the passwords, card PINs and encrypted sitekeys from a leftover export. Passwords and PINs can be reused to log in to the device or to pass the access controls that rely on them, and the sitekeys are key material that should never leave the device, even in encrypted form. The practical result is a data breach and the possible compromise of every security control that trusts this data.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection is a direct test: from a session that is not logged in, request the export path on the device's web interface. If the response is a SQLite file (the body starts with the ASCII string 'SQLite format 3' followed by a NUL byte) rather than a login page or a 401/403, the export is exposed. Because the export is normally downloaded and then removed on reboot, also check right after performing an export and again once the reboot should have completed: a file still retrievable at that point means the reboot or the cleanup failed. With shell access to the device, listing the export directory ('ls -l' on that path) confirms the same thing from the inside. The exact path depends on the product and firmware, so take it from the export link in the web interface or from the vendor's advisory; a quick manual check is "curl -s -o export.db -w '%{http_code}' <URL>" followed by "file export.db", which reports "SQLite 3.x database" when the download is the database.
What immediate steps should I take to mitigate this vulnerability?
Until a fix is installed: restrict the export path so it is only served to authenticated sessions, or block it at the network edge, and keep the device's web interface off untrusted networks. Disable or stop using the export function if the product allows it. After every export, confirm that the device actually rebooted and that the export file can no longer be retrieved; if it is still there, delete it by hand. Because an exposed export may already have been downloaded, treat the passwords, PINs and sitekeys it contained as compromised and rotate them where the product supports that.
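The two checks above, the unauthenticated probe for a leftover export and the re-check after an export to confirm cleanup, as an added example in Python. This is not code from the advisory, the vendor or BaseFortify. The export URL path is not stated on this page, so it is a parameter the operator supplies (EXPORT_PATH below is a placeholder); the base URL, function names and the canned responses used to run it offline are all assumptions of this example.

```python
"""Probe for an unauthenticated SQLite export left on a device's web interface.

Added example for this page; it is not the advisory's, the vendor's or
BaseFortify's code. The export path is not stated on this page, so it is an
argument the operator supplies (EXPORT_PATH below is a placeholder).
"""
import time
import urllib.error
import urllib.request
from typing import Callable, List, Tuple

# Every SQLite 3 database file begins with this 16-byte header string.
SQLITE_MAGIC = b"SQLite format 3\x00"

Fetcher = Callable[[str], Tuple[int, bytes]]


def looks_like_sqlite(body: bytes) -> bool:
    """Return True if body starts with a plausible SQLite 3 file header.

    The 100-byte header carries the magic string at offset 0 and the page
    size at offset 16 (big-endian uint16): a power of two from 512 to 32768,
    or the value 1, which means 65536. Checking the page size avoids
    flagging an error page that merely echoes the magic string.
    """
    if len(body) < 100 or not body.startswith(SQLITE_MAGIC):
        return False
    page_size = int.from_bytes(body[16:18], "big")
    if page_size == 1:
        return True
    return 512 <= page_size <= 32768 and page_size & (page_size - 1) == 0


def http_fetch(url: str, timeout: float = 5.0) -> Tuple[int, bytes]:
    """Unauthenticated GET: no cookies, no credentials. Returns (status, head of body)."""
    req = urllib.request.Request(url, headers={"User-Agent": "export-probe/1"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read(4096)
    except urllib.error.HTTPError as err:
        return err.code, b""


def probe_export(base_url: str, export_path: str, fetch: Fetcher = http_fetch) -> dict:
    """Report whether the export path serves a SQLite file without authentication."""
    url = base_url.rstrip("/") + "/" + export_path.lstrip("/")
    status, body = fetch(url)
    is_db = looks_like_sqlite(body)
    return {"url": url, "status": status, "sqlite": is_db,
            "exposed": status == 200 and is_db}


def confirm_cleanup(base_url: str, export_path: str, fetch: Fetcher = http_fetch,
                    attempts: int = 6, delay: float = 30.0,
                    sleep: Callable[[float], None] = time.sleep) -> bool:
    """After an export, re-probe until the file is gone; False if it never goes."""
    for _ in range(attempts):
        if not probe_export(base_url, export_path, fetch)["exposed"]:
            return True
        sleep(delay)
    return False


# Constructed sample: a minimal 100-byte SQLite header with a 4096-byte page size.
SAMPLE_EXPORT = SQLITE_MAGIC + (4096).to_bytes(2, "big") + b"\x00" * 82


def scripted_fetch(responses: List[Tuple[int, bytes]]) -> Fetcher:
    """Offline stand-in for http_fetch: replays canned responses, repeating the last."""
    queue = list(responses)

    def fetch(url: str) -> Tuple[int, bytes]:
        return queue.pop(0) if len(queue) > 1 else queue[0]
    return fetch


if __name__ == "__main__":
    EXPORT_PATH = "/path/to/export.db"  # placeholder: take the real path from the device
    leaked = scripted_fetch([(200, SAMPLE_EXPORT)])
    print(probe_export("http://device.example", EXPORT_PATH, leaked))
    # Export still present on the first two checks, removed on the third.
    recovers = scripted_fetch([(200, SAMPLE_EXPORT), (200, SAMPLE_EXPORT), (404, b"")])
    print(confirm_cleanup("http://device.example", EXPORT_PATH, recovers,
                          attempts=4, delay=0, sleep=lambda _s: None))
```

Against a real device, pass `http_fetch` (the default) instead of `scripted_fetch` and the device's actual export path. The probe deliberately sends no cookies or credentials, so a 200 response carrying a SQLite header is exactly the missing-authorization condition the advisory describes; `confirm_cleanup` is the post-export check, run after the device should have rebooted, that tells you whether the cleanup actually happened.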