Alf-Banco · Alf-Banco · CVE-2022-25577
**Name of the Vulnerable Software and Affected Versions**
ALF-BanCO versions 8.2.5 and below
**Description**
The issue concerns the use of a hardcoded password to encrypt the SQLite database containing user data. Attackers with remote or local access to the system can read and modify the data.
**Recommendations**
For versions 8.2.5 and below, consider changing the hardcoded password to a unique, secure password for each user, and restrict access to the SQLite database to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.