CVE-2025-47729

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/05/2025
Last modified:
14/05/2025

Description

The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:telemessage:text_message_archiver:*:*:*:*:*:*:*:* 2025-05-05 (including)