CVE-2025-65320

HIGH

Abacre Restaurant Point OF Sale < 15.0.0.1656 - Cleartext Storage

Title source: rule

Description

Abacre Restaurant Point of Sale (POS) up to 15.0.0.1656 are vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory during an activation attempt.

Exploits (2)

nomisec WRITEUP 1 stars

by yonathanpy · poc

https://github.com/yonathanpy/CVE-2025-65320

View Code ZIP pw:eip

nomisec WRITEUP

by Smarttfoxx · poc

https://github.com/Smarttfoxx/CVE-2025-65320

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory] https://github.com/Smarttfoxx/CVE-2025--

[Broken Link] https://packetstorm.news/files/id/212149

Scores

CVSS v3 7.5

EPSS 0.0003

EPSS Percentile 8.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-312

Status published

Products (1)

abacre/restaurant_point_of_sale < 15.0.0.1656

Published Dec 03, 2025

Tracked Since Feb 18, 2026