How to fix CVE-2025-47729?

During next maintenance window: Apply vendor patches when convenient. Monitor vendor channels for updates.

Is Text Message Archiver affected by CVE-2025-47729?

CVE-2025-47729 is a low-severity vulnerability (CVSS 1.9). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation. Apply vendor updates when available as part of routine maintenance.

Text Message Archiver CVE-2025-47729

LOW

Hidden Functionality (CWE-912)

2025-05-08 [email protected]

Information Disclosure Text Message Archiver

1.9

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:40 vuln.today

Added to CISA KEV

Nov 05, 2025 - 19:26 cisa

CISA KEV

CVE Published

May 08, 2025 - 14:15 nvd

LOW 1.9

DescriptionNVD

The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025.

AnalysisAI

The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage. Rated low severity (CVSS 1.9). Actively exploited in the wild (cisa kev) and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-912. The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025. Affected products include: Telemessage Text Message Archiver. Version information: through 2025.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-47729 vulnerability details – vuln.today

Back

Text Message Archiver CVE-2025-47729

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code