CVE-2025-12508

Name of the Vulnerable Software and Affected Versions BRAIN2 (affected versions not specified)

Description When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This allows for the interception of authentication data, potentially compromising confidentiality. The unencrypted communication between BRAIN2 domain users and Active Directory (AD) services can be exploited to intercept sensitive data, such as credentials, leading to unauthorized access and security breaches.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.