Full Report
CERT Polska has received a report about a Hard-coded Credentials vulnerability (CVE-2025-4049) found in SIGNUM-NET FARA software.
Analysis Summary
# Vulnerability: Hard-coded Credentials in SIGNUM-NET FARA Software
## CVE Details
- CVE ID: CVE-2025-4049
- CVSS Score: Not provided in the source article. (A severity assessment requires the CVSS score.)
- CWE: CWE-798 (Use of Hard-coded Credentials)
## Affected Systems
- Products: SIGNUM-NET FARA
- Versions: All versions through 5.0.80.34
- Configurations: Not specified; the flaw exists universally across affected versions.
## Vulnerability Description
The SIGNUM-NET FARA software contains a critical flaw due to the use of hard-coded, identical SQLite credentials across all vulnerable installations. Successful exploitation allows an attacker to read and potentially manipulate the database stored locally by the FARA application.
## Exploitation
- Status: Report received by CERT Polska. The exploitation status (in-the-wild use or PoC availability) is not detailed in the provided summary. Based on the typical risk of hard-coded credentials, and given responsible disclosure, we classify this as **PoC likely available**.
- Complexity: Likely Low once an attacker has access to the local system hosting the database, which is required.
- Attack Vector: Local access is implied, as the vulnerability relates to accessing a local SQLite database.
## Impact
- Confidentiality: High (Allows reading of sensitive database data)
- Integrity: High (Allows manipulation of database data)
- Availability: Potential impact depending on data integrity compromise.
## Remediation
### Patches
- Vendor-specific patch versions are not listed in the source material. Users should consult SIGNUM-NET for the fixed version information.
### Workarounds
- No specific workarounds were provided in the summary text. Limiting local access to the FARA application host is a general mitigation tactic.
## Detection
- Detection methods specific to this vulnerability (e.g., file integrity monitoring on the SQLite database) are not provided.
- **Indicator of Compromise:** Unauthorized changes or reads detected against the local SQLite database utilized by the FARA application.
## References
- Vendor Advisories: Not available in the provided text.
- Relevant links:
  - CERT Polska Disclosure Information: https://cert[.]pl/en/cvd/
  - CVE Record: https://www[.]cve[.]org/CVERecord?id=CVE-2025-4049