How severe is CVE-2025-10227?

CVE-2025-10227 has a CVSS v3 score of 4.6 (MEDIUM).

CVE-2025-10227

4.6MEDIUM

Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storag

Published: 9/10/2025Updated: 12/19/2025

Description

Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.

AI AnalysisPowered by AI

Affected Products

axxonsoftaxxon_one

linuxlinux_kernel

microsoftwindows

References

https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories
Vendor Advisory