When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.
PUBLISHED · CVE record format 5.2 · CWE-319
Unencrypted communication to Active Directory services
Problem type
Affected products
Bizerba
BRAIN2
< 3.07 - AFFECTED
References
GitHub Security Advisories
GHSA-538j-4932-wc23
When using domain users as BRAIN2 users, communication with Active Directory services is...
https://github.com/advisories/GHSA-538j-4932-wc23
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.
JSON source
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2025-12508",
"assignerOrgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
"assignerShortName": "bizerba",
"dateUpdated": "2025-10-31T17:44:27.867Z",
"dateReserved": "2025-10-30T14:08:50.565Z",
"datePublished": "2025-10-31T15:49:54.429Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "0beee27a-7d8c-424f-8e46-ac453fa147e6",
"shortName": "bizerba",
"dateUpdated": "2025-10-31T15:49:54.429Z"
},
"title": "Unencrypted communication to Active Directory services",
"descriptions": [
{
"lang": "en",
"value": "When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.",
"supportingMedia": [
{
"type": "text/html",
"base64": false,
"value": "When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality."
}
]
}
],
"affected": [
{
"vendor": "Bizerba",
"product": "BRAIN2",
"platforms": [
"Windows"
],
"defaultStatus": "unaffected",
"versions": [
{
"version": "0.0",
"status": "affected",
"versionType": "semver",
"lessThan": "3.07"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"cweId": "CWE-319",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0006.pdf"
}
],
"metrics": [
{
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
],
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
}
}
],
"workarounds": [
{
"lang": "en",
"value": "Do not use domain users as BRAIN2 users in unprotected networks. Use local BRAIN2 users instead.",
"supportingMedia": [
{
"type": "text/html",
"base64": false,
"value": "Do not use domain users as BRAIN2 users in unprotected networks. Use local BRAIN2 users instead."
}
]
}
],
"solutions": [
{
"lang": "en",
"value": "Update to version 3.07",
"supportingMedia": [
{
"type": "text/html",
"base64": false,
"value": "Update to version 3.07<br>"
}
]
}
],
"timeline": [
{
"time": "2025-10-30T23:00:00.000Z",
"lang": "en",
"value": "Release of new version BRAIN2 3.07"
},
{
"time": "2025-10-30T23:00:00.000Z",
"lang": "en",
"value": "Publish Security"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-10-31T17:44:27.867Z"
},
"title": "CISA ADP Vulnrichment",
"metrics": [
{}
]
}
]
}
}