CVE-2025-31362

LOW

BizRobo! - Info Disclosure

Title source: llm

Description

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides the workaround information and recommends to apply it to the deployment environment.

References (5)

[Various Sources] https://knowledge.bizrobo.com/hc/ja/articles/360029772271

[Various Sources] https://knowledge.bizrobo.com/hc/ja/articles/39951710517145

[Various Sources] https://knowledge.bizrobo.com/hc/ja/articles/39952052043289

[Various Sources] https://knowledge.bizrobo.com/hc/ja/articles/39953373809305

[Third Party Advisory] https://jvn.jp/en/jp/JVN30641875/

Scores

CVSS v3 3.7

EPSS 0.0014

EPSS Percentile 33.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-321

Status published

Products (1)

OPEN, Inc./BizRobo! all versions

Published Apr 11, 2025

Tracked Since Feb 18, 2026