PT-2025-4168 · Unknown · Softsim Ta
Published
2025-02-04
·
Updated
2025-03-25
·
CVE-2025-20886
CVSS v3.1
4.4
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Softsim TA versions prior to SMR Jan-2025 Release 1
Description
The issue allows local privileged attackers to obtain a test key due to the inclusion of sensitive information in test code. This can be exploited by attackers with local privileges.
Recommendations
For versions prior to SMR Jan-2025 Release 1, update to SMR Jan-2025 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the test code to minimize the risk of exploitation.
Fix
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Softsim Ta