CISA: Attacks exploiting TeleMessage bugs ongoing

July 3, 2025 Yanac

More severe of the vulnerabilities is the TM SGNL Spring Boot Actuator misconfiguration bug, tracked as CVE-2025-48927, which could be abused for memory dump downloads, while the other flaw, tracked as CVE-2025-48928, could be exploited to reveal passwords delivered via HTTP, according to CISA.SCM feed for Endpoint/Device SecurityRead More