BRAIN2
by Bizerba
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6512 | Cri | 0.65 | 10.0 | 0.00 | Jun 23, 2025 | On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights. | ||
| CVE-2025-6513 | Cri | 0.60 | 9.3 | 0.00 | Jun 23, 2025 | Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it. | ||
| CVE-2025-12508 | Hig | 0.55 | 8.4 | 0.00 | Oct 31, 2025 | When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality. |
- risk 0.65cvss 10.0epss 0.00
On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights.
- risk 0.60cvss 9.3epss 0.00
Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.
- risk 0.55cvss 8.4epss 0.00
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.