CVE-2025-12508

HIGH

Bizerba BRAIN2 < 3.07 - Cleartext Transmission of Sensitive Information via Active Directory Communication

Title source: llm
STIX 2.1

Description

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.

References (1)

Core 1

Scores

CVSS v3 8.4
EPSS 0.0017
EPSS Percentile 6.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-319
Status published
Products (1)
Bizerba/BRAIN2 0.0 - 3.07
Published Oct 31, 2025
Tracked Since Feb 18, 2026