CVE-2025-64298 – Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource

CVE ID : CVE-2025-64298

Published : Dec. 2, 2025, 9:15 p.m. | 1 hour, 10 minutes ago

Description : NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-55181 – Apache Quic HTTP Denial of Service (DoS)

CVE-2025-66476 – Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability

CVE-2025-65657 – FeehiCMS Remote Code Execution via Unrestricted File Upload

CVE-2025-65380 – PHPGurukul Billing System SQL Injection Vulnerability