Skip to main content

CVE-2025-14376

Insecure Storage of Sensitive Information (CWE-922)
2026-01-20 PSIRT@rockwellautomation.com

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 20, 2026 - 14:16 nvd
N/A

DescriptionCVE.org

A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024.

Analysis

A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024.

Technical ContextAI

Classified as CWE-922 (Insecure Storage of Sensitive Information). A security issue was discovered within the legacy ADI server component of Verve Asset Manager, caused by plaintext secrets stored in environment variables on the ADI server. This component has been retired and has been optional since the 1.36 release in 2024.

Affected ProductsAI

Component: legacy ADI server.

RemediationAI

Monitor vendor advisories for a patch.

Share

CVE-2025-14376 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy