CVE-2025-60791

Name of the Vulnerable Software and Affected Versions Easywork Enterprise version 2.1.3.354

Description Easywork Enterprise version 2.1.3.354 exhibits a security issue related to the cleartext storage of sensitive information in memory. Specifically, valid device-bound license keys remain in process memory even after a failed activation attempt. These keys can be retrieved by attaching a debugger or analyzing a process/memory dump. Subsequently, these obtained keys can be used to activate the software on the same machine without a valid purchase.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.