216.73.217.172

CVE-2025-58740

· Published 20/01/2026 22:15 · Modified 20/01/2026 22:15

Labels: CVE-2025-58740 2026-01-2057dba5dd-1a03-47f6-8b36-e84e47d335d8CVE-2025-58740CWE-321

Essential information

Published
20/01/2026 22:15
Modified
20/01/2026 22:15
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows a local attacker to decrypt database credentials by reading the cryptographic key from the executable. This issue affects ImageDirector Capture: from 7.0.9 before 7.6.3.25808.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
57dba5dd-1a03-47f6-8b36-e84e47d335d8
NVD
View on NVD

Affected products (CPE)

ProductCPE
milner / imagedirector capture cpe:2.3:a:milner:imagedirector_capture:7.0.9:*:*:*:*:windows:*:*
milner / imagedirector capture cpe:2.3:a:milner:imagedirector_capture:<7.6.3.25808:*:*:*:*:windows:*:*

References