CVE-2025-14295

216.73.216.233

· Published 22/01/2026 13:16 · Modified 22/01/2026 13:16

Labels: CVE-2025-14295 2026-01-22 CVE-2025-14295 CWE-257 [email protected]

Essential information

Published: 22/01/2026 13:16
Modified: 22/01/2026 13:16
Author: —
Creator: —
CVSS: 7.0 HIGH (v3) 7.0 HIGH (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Storing Passwords in a Recoverable Format vulnerability in Automated Logic WebCTRL on Windows, Carrier i-Vu on Windows. Storing Passwords in a Recoverable Format vulnerability (CWE-257) in the Web session management component allows an attacker to access stored passwords in a recoverable format which makes them subject to password reuse attacks by malicious users.This issue affects WebCTRL: from 6.0 through 9.0; i-Vu: from 6.0 through 9.0.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
automated logic / webctrl	`cpe:2.3:a:automated_logic:webctrl:6.0-9.0:::::::*`
carrier / i-vu	`cpe:2.3:a:carrier:i-vu:6.0-9.0:::::::*`