How severe is CVE-2025-10227?

CVE-2025-10227 has a CVSS v3 score of 4.6 (MEDIUM).

CVE-2025-10227

4.6MEDIUM

Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storag

Veröffentlicht: 9/10/2025Aktualisiert: 12/19/2025

Beschreibung

Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.

KI-AnalyseKI-gestützt

Betroffene Produkte

axxonsoftaxxon_one

linuxlinux_kernel

microsoftwindows

Referenzen

https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories
Vendor Advisory