CVE-2025-47729
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/05/2025
Last modified:
14/05/2025
Description
The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025.
Impact
Base Score 3.x
1.90
Severity 3.x
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:telemessage:text_message_archiver:*:*:*:*:*:*:*:* | 2025-05-05 (including) |
To consult the complete list of CPE names with products and versions, see this page