CVE-2025-58740

High CVSS: 8.5

The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows a local attacker to decrypt database credentials by reading the cryptographic key from the executable.

This issue affects ImageDirector Capture: from 7.0.9 before 7.6.3.25808.

Vendor

Milner

Product

Imagedirector Capture

CWE

CWE-321

Yayın Tarihi

2026-01-20 22:15:51

Güncelleme

2026-02-10 16:53:15

Source Identifier

57dba5dd-1a03-47f6-8b36-e84e47d335d8

KEV Date Added

Kategoriler

CWE-321 Imagedirector Capture HIGH Milner 2026

Referanslar

https://sra.io/advisories

Benzer Kayıtlar

High

CVE-2025-58741

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrie…

High

CVE-2025-58742

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability…

High

CVE-2025-58743

Use of a Broken or Risky Cryptographic Algorithm (DES) vulnerability in the Password class in C2SConnections.dll in Mi…

Medium

CVE-2025-58744

Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Cap…