H Mdm · Headwind Mdm · CVE-2025-43720
**Name of the Vulnerable Software and Affected Versions**
Headwind MDM versions prior to 5.33.1
**Description**
Headwind MDM versions prior to 5.33.1 allow unauthorized access to configuration details. Specifically, the configuration profile is exposed to users with the Observer role, revealing the password required to escape the MDM-controlled device’s profile.
**Recommendations**
Update Headwind MDM to version 5.33.1 or later.