Unrated severityNVD Advisory· Published Sep 10, 2025· Updated Oct 8, 2025

Sensitive Information Disclosure in Diagnostic Dumps in AxxonSoft Axxon One VMS

CVE-2025-10222

Description

Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump component in AxxonSoft Axxon One VMS (C-Werk) 2.0.0 through 2.0.1 on Windows allows a local attacker to obtain licensing-related information such as timestamps, license states, and registry values via reading diagnostic export files created by the built-in troubleshooting tool.

Affected products

AxxonSoft/Axxon One (C-Werk)llm-fuzzy
Range: >=2.0.0 <=2.0.1
AxxonSoft/AxxonOne C-Werkv5
Range: 2.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000