{"api_version":"1","generated_at":"2026-04-17T00:19:46+00:00","cve":"CVE-2026-25601","urls":{"html":"https://cve.report/CVE-2026-25601","api":"https://cve.report/api/cve/CVE-2026-25601.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-25601","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-25601"},"summary":{"title":"Credential Exposure vulnerability in MEPIS RM","description":"A vulnerability was identified in MEPIS RM, an industrial\nsoftware product developed by Metronik. The application contained a hardcoded\ncryptographic key within the Mx.Web.ComponentModel.dll component. When the\noption to store domain passwords was enabled, this key was used to encrypt user\npasswords before storing them in the application’s database. An attacker with\nsufficient privileges to access the database could extract the encrypted\npasswords, decrypt them using the embedded key, and gain unauthorized access to\nthe associated ICS/OT environment.","state":"PUBLISHED","assigner":"ENISA","published_at":"2026-04-01 12:16:02","updated_at":"2026-04-07 20:47:29"},"problem_types":["CWE-798","CWE-798 CWE-798: Use of Hard-coded Credentials"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"6.7","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","type":"Secondary","score":"6.4","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"6.4","severity":"MEDIUM","vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.4,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://www.cert.si/en/cve-2026-25601/","name":"https://www.cert.si/en/cve-2026-25601/","refsource":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","tags":["Broken Link"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-25601","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25601","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Metronik d.o.o.","product":"MEPIS RM","version":"affected 8.2.0107 semver","platforms":[]},{"source":"CNA","vendor":"Metronik d.o.o.","product":"MEPIS RM","version":"affected 8.2.0007 build 15 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"25601","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"metronik","cpe5":"mepis_rm","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"25601","cve":"CVE-2026-25601","epss":"0.000060000","percentile":"0.003930000","score_date":"2026-04-07","updated_at":"2026-04-08 00:03:40"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-25601","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-04-01T12:34:39.978813Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-01T12:35:48.644Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"MEPIS RM","vendor":"Metronik d.o.o.","versions":[{"lessThan":"8.2.0107","status":"affected","version":"0","versionType":"semver"},{"lessThan":"8.2.0007 build 15","status":"affected","version":"0","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>A vulnerability was identified in MEPIS RM, an industrial\nsoftware product developed by Metronik. The application contained a hardcoded\ncryptographic key within the Mx.Web.ComponentModel.dll component. When the\noption to store domain passwords was enabled, this key was used to encrypt user\npasswords before storing them in the application’s database. An attacker with\nsufficient privileges to access the database could extract the encrypted\npasswords, decrypt them using the embedded key, and gain unauthorized access to\nthe associated ICS/OT environment.</p>"}],"value":"A vulnerability was identified in MEPIS RM, an industrial\nsoftware product developed by Metronik. The application contained a hardcoded\ncryptographic key within the Mx.Web.ComponentModel.dll component. When the\noption to store domain passwords was enabled, this key was used to encrypt user\npasswords before storing them in the application’s database. An attacker with\nsufficient privileges to access the database could extract the encrypted\npasswords, decrypt them using the embedded key, and gain unauthorized access to\nthe associated ICS/OT environment."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.4,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-798","description":"CWE-798: Use of Hard-coded Credentials","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-01T11:28:57.110Z","orgId":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","shortName":"ENISA"},"references":[{"tags":["third-party-advisory"],"url":"https://www.cert.si/en/cve-2026-25601/"}],"source":{"discovery":"UNKNOWN"},"title":"Credential Exposure vulnerability in MEPIS RM","x_generator":{"engine":"Vulnogram 1.0.1"}}},"cveMetadata":{"assignerOrgId":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","assignerShortName":"ENISA","cveId":"CVE-2026-25601","datePublished":"2026-04-01T11:28:57.110Z","dateReserved":"2026-02-03T07:24:49.548Z","dateUpdated":"2026-04-01T12:35:48.644Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-01 12:16:02","lastModifiedDate":"2026-04-07 20:47:29","problem_types":["CWE-798","CWE-798 CWE-798: Use of Hard-coded Credentials"],"metrics":{"cvssMetricV31":[{"source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:metronik:mepis_rm:*:*:*:*:*:*:*:*","versionEndExcluding":"8.2.017","matchCriteriaId":"F1D97A10-22CB-4C9C-8581-433F771F6958"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:metronik:mepis_rm:*:*:*:*:*:*:*:*","versionEndExcluding":"8.2.0007","matchCriteriaId":"641D46CD-B882-4EE3-B5FD-52ED712EF323"},{"vulnerable":true,"criteria":"cpe:2.3:a:metronik:mepis_rm:8.2.0007:-:*:*:*:*:*:*","matchCriteriaId":"98B6B64E-528D-47F0-B6F8-8FF5859144C0"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"25601","Ordinal":"1","Title":"Credential Exposure vulnerability in MEPIS RM","CVE":"CVE-2026-25601","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"25601","Ordinal":"1","NoteData":"A vulnerability was identified in MEPIS RM, an industrial\nsoftware product developed by Metronik. The application contained a hardcoded\ncryptographic key within the Mx.Web.ComponentModel.dll component. When the\noption to store domain passwords was enabled, this key was used to encrypt user\npasswords before storing them in the application’s database. An attacker with\nsufficient privileges to access the database could extract the encrypted\npasswords, decrypt them using the embedded key, and gain unauthorized access to\nthe associated ICS/OT environment.","Type":"Description","Title":"Credential Exposure vulnerability in MEPIS RM"}]}}}