CVE-2025-0714
published 2025-02-17CVE-2025-0714: The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector (IV) consisting only of…
PriorityP429medium6.5CVSS 3.1
AVLACLPRLUINSCCHINAN
EPSS
0.15%
4.9th percentile
The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector (IV) consisting only of zero bytes and a master key to encrypt each password individually. In the default configuration, on opening MobaXTerm, the user is prompted for their password. A derivative of the password is used as the master key. As both the master key and the IV are the same for each stored password, the AES CFB ciphertext depends only on the plaintext (the password). The static IV and master key make it easier to obtain sensitive information and to decrypt data when it is stored at rest.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mobatek | mobaxterm | < 25.0 | 25.0 |
| msrc | cbl2_vim_8.2.4743-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_vim_8.2.4495-1_on_cbl_mariner_1.0 | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
vendor_msrc5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m328-qqmc-777w: The vulnerability existed in the password storage of Mobateks MobaXterm below 25
ghsa_unreviewed·2025-02-17
CVE-2025-0714 [MEDIUM] CWE-1204 GHSA-m328-qqmc-777w: The vulnerability existed in the password storage of Mobateks MobaXterm below 25
The vulnerability existed in the password storage of Mobateks MobaXterm below 25.0.
MobaXTerm uses an initialization vector (IV) that is generated by encrypting null bytes with a derivate of the users master key. As both the master key is static, and AES ECB produces the same output with the same input the IV for AES CFB is always the same.The static IV makes it easier to obtain sensitive information and decrypt data if the data is stored at rest.
Microsoft
Heap-based Buffer Overflow in vim/vim
vendor_msrc·2022-02-08·CVSS 5.5
CVE-2022-0714 [MEDIUM] CWE-122 Heap-based Buffer Overflow in vim/vim
Heap-based Buffer Overflow in vim/vim
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
@huntrdev: @huntrdev
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-02-17
Published