Vendor
Bizerba
Products
2
CVEs
4
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6512 | Cri | 0.65 | 10.0 | 0.00 | Jun 23, 2025 | On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights. | ||
| CVE-2025-6513 | Cri | 0.60 | 9.3 | 0.00 | Jun 23, 2025 | Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it. | ||
| CVE-2025-12509 | Hig | 0.55 | 8.4 | 0.00 | Oct 31, 2025 | On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights. | ||
| CVE-2025-12508 | Hig | 0.55 | 8.4 | 0.00 | Oct 31, 2025 | When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality. |
- risk 0.65cvss 10.0epss 0.00
On a client with a non-admin user, a script can be integrated into a report. The reports could later be executed on the BRAIN2 server with administrator rights.
- risk 0.60cvss 9.3epss 0.00
Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.
- risk 0.55cvss 8.4epss 0.00
On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights.
- risk 0.55cvss 8.4epss 0.00
When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality.