THREATOPS
THREAT OPSCVEs › CVE-2025-48928

CVE-2025-48928 — TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability

CISA KEVExploited: confirmedTeleMessage

TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump.

Vulnerability details