CVE-2025-64778

High CVSS: 8.4

NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.

Vendor

Mirion

Product

Biodose\/nmis

CWE

CWE-798

Yayın Tarihi

2025-12-02 21:15:52

Güncelleme

2026-01-02 20:57:25

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-798 Biodose\/nmis HIGH Mirion 2025

Referanslar

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-336-01

Benzer Kayıtlar

High

CVE-2025-62575

NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and o…

High

CVE-2025-64298

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are expose…

High

CVE-2025-64642

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which…

High

CVE-2025-61940

NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User…