Docusnap for Windows Vulnerability Let Attackers Access Sensitive Data
Posted: Tue Mar 04, 2025 1:04 pm
A critical information disclosure vulnerability in Docusnap, a widely used IT inventory management solution, allows attackers to decrypt sensitive system data collected from Windows hosts.
Designated as CVE-2025-26849, the flaw stems from the use of a static encryption key to protect inventory files, rendering the encryption effectively useless.
https://cybersecuritynews.com/docusnap- ... erability/
Designated as CVE-2025-26849, the flaw stems from the use of a static encryption key to protect inventory files, rendering the encryption effectively useless.
https://cybersecuritynews.com/docusnap- ... erability/