cbcvebase.
CVE-2025-41722
published 2025-10-22

CVE-2025-41722: The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the…

PriorityP351high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.25%
15.7th percentile
The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices.

Affected

20 ranges
VendorProductVersion rangeFixed in
msrcazl3_golang_1.22.7-1_on_azure_linux_3.0
msrcazl3_golang_1.22.7-2_on_azure_linux_3.0
msrcazl3_tensorflow_2.16.1-9_on_azure_linux_3.0
msrcazure_linux_3.0_arm
msrcazure_linux_3.0_x64
msrccbl2_golang_1.17.13-2_on_cbl_mariner_2.0
msrccbl2_golang_1.18.8-7_on_cbl_mariner_2.0
msrccbl2_golang_1.21.6-1_on_cbl_mariner_2.0
msrccbl2_golang_1.22.7-3_on_cbl_mariner_2.0
msrccbl2_msft-golang_1.19.8-1_on_cbl_mariner_2.0
msrccbl2_tensorflow_2.11.1-2_on_cbl_mariner_2.0
msrccbl_mariner_2.0_arm
msrccbl_mariner_2.0_x64
msrccm1_golang_1.17.13-2_on_cbl_mariner_1.0
sauterey-modulo_5_ecos_5_ecos504_505>= 0.0 < Firmware v6.0Firmware v6.0
sauterey-modulo_5_modu_5_modu524>= 0.0 < Firmware v6.0Firmware v6.0
sauterey-modulo_5_modu_5_modu525>= 0.0 < Firmware v6.0Firmware v6.0
sautermodulo_6_devices_modu612-lc>= 0.0.0 < Firmware v3.2.0Firmware v3.2.0
sautermodulo_6_devices_modu660-as>= 0.0.0 < Firmware v3.2.0Firmware v3.2.0
sautermodulo_6_devices_modu680-as>= 0.0.0 < Firmware v3.2.0Firmware v3.2.0

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vendor_msrc7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.