Unrated severityNVD Advisory· Published Mar 2, 2026· Updated Mar 2, 2026
CVE-2025-58107
CVE-2025-58107
Description
In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=2019
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.