CVE-2025-26849

Name of the Vulnerable Software and Affected Versions Docusnap versions prior to 14 Docusnap version 13.0.1440.24261 and earlier

Description The issue is caused by a hard-coded cryptographic key in Docusnap, which can be used to decrypt inventory files containing sensitive information such as firewall rules. These inventory files typically catalog crucial system details and software installed on Windows machines. Attackers can exploit insecure default configurations that grant read permissions to any domain user. The risk is classified as low because attackers require prior network access, but the sensitivity of the information still accelerates their attack chains.

Recommendations For Docusnap versions prior to 14: Audit share permissions to restrict read access to inventory files. For Docusnap version 13.0.1440.24261 and earlier: Monitor for patches that implement ephemeral or client-specific encryption in future updates. As a temporary workaround, consider restricting access to the encrypted inventory files until a patch is available.