CVE-2025-6513

EUVD-2025-18871 | CRITICAL
2025-06-23 | 0beee27a-7d8c-424f-8e46-ac453fa147e6
Score: 9.3 (CVSS 3.1)

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 15, 2026 - 22:10 (vuln.today)
EUVD ID Assigned: Mar 15, 2026 - 22:10 (euvd) EUVD-2025-18871
CVE Published: Jun 23, 2025 - 13:15 (nvd) CRITICAL 9.3

Description

Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.

Analysis

CVE-2025-6513 is a local privilege escalation vulnerability in the BRAIN2 application: standard Windows users can read and decrypt the application's database configuration file without any additional authentication. This allows unprivileged local users to obtain database credentials and potentially compromise sensitive data; the CVSS score of 9.3 indicates critical severity. The vulnerability affects confidentiality, integrity, and availability, and its impact crosses a trust boundary (Scope: Changed), since the compromised database credentials are of a component other than the local user account.

Technical Context

The vulnerability stems from CWE-260 (Passwords in Configuration Files) combined with improper access controls and weak or predictable encryption. The BRAIN2 application stores database connection credentials in a configuration file that is readable by standard (non-administrative) Windows users, and the encryption scheme protecting these credentials is either absent, weak, or uses hardcoded keys that can be decrypted by local users. The root cause is inadequate file system permissions (likely the config file lacks proper ACLs restricting access to SYSTEM or Administrators only) and potentially the use of symmetric encryption with embedded or easily derivable keys rather than secure credential storage mechanisms like Windows Data Protection API (DPAPI) or credential manager integration.

Affected Products

The vulnerability specifically affects the BRAIN2 application (vendor and version are not specified in the provided data; the likely CPE would be vendor:brain2:*). Affected configurations include any Windows system running BRAIN2 on which standard user accounts exist. Enterprise environments with multi-user workstations, shared terminals, or RDP access are at highest risk. Without access to vendor advisories or CVE details, specific vulnerable versions cannot be enumerated, but organizations should assume all current and recent versions are affected until a patch is released.

Remediation

Immediate mitigations include: (1) Restrict file system permissions on the BRAIN2 configuration file to SYSTEM and Administrators only using Windows ACLs, removing read access for standard users; (2) Move database credentials out of plaintext configuration files and use Windows DPAPI or integrated Windows authentication for database connections; (3) Implement strict access controls on workstations where BRAIN2 runs, limiting local user access where possible; (4) Monitor configuration file access using Windows Event Viewer (file system auditing) or EDR solutions. Long-term remediation requires a vendor patch that stores credentials securely (DPAPI encryption at rest, environment variables, or credential manager integration). Organizations should contact the BRAIN2 vendor for patch availability and a release timeline. A temporary workaround is to run the BRAIN2 service/process under a dedicated service account and restrict local file system access to the configuration file to that account only.
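Mitigations (1) and (4) above, as an added PowerShell example that is not from this page or from the BRAIN2 vendor: the script removes inherited and explicit ACEs on the configuration file, grants access only to SYSTEM and Administrators, and attaches an audit rule so reads by any other principal produce Security log events. The file path `$ConfigPath` is a placeholder assumption; the real location must be taken from the vendor documentation.

```powershell
# Added example: harden the ACL of a sensitive configuration file and audit access to it.
# Run from an elevated PowerShell session (SACL changes require SeSecurityPrivilege).
param(
    # Placeholder path; the BRAIN2 configuration file location is not given on this page.
    [string]$ConfigPath = 'C:\Program Files\BRAIN2\db.config'
)

$acl = Get-Acl -Path $ConfigPath

# Stop inheriting from the parent folder and discard inherited ACEs, so a
# BUILTIN\Users read grant on the directory no longer reaches this file.
$acl.SetAccessRuleProtection($true, $false)

# Drop every remaining explicit ACE so the file starts from an empty DACL.
foreach ($rule in @($acl.Access)) {
    $acl.RemoveAccessRule($rule) | Out-Null
}

# Grant access only to SYSTEM and the local Administrators group.
foreach ($principal in 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') {
    $ace = [System.Security.AccessControl.FileSystemAccessRule]::new(
        $principal, 'FullControl', 'Allow')
    $acl.AddAccessRule($ace)
}
Set-Acl -Path $ConfigPath -AclObject $acl

# Detection: add a SACL entry that records successful and failed read attempts by
# anyone. With the "File System" object-access subcategory enabled these appear as
# Event ID 4663 in the Security log, which an EDR or SIEM can alert on.
$audit = Get-Acl -Path $ConfigPath -Audit
$auditRule = [System.Security.AccessControl.FileSystemAuditRule]::new(
    'Everyone', 'ReadData', 'Success,Failure')
$audit.AddAuditRule($auditRule)
Set-Acl -Path $ConfigPath -AclObject $audit

# Turn on the audit subcategory so the SACL actually generates events.
auditpol /set /subcategory:"File System" /success:enable /failure:enable

# Verify the resulting DACL: only SYSTEM and Administrators should be listed.
(Get-Acl -Path $ConfigPath).Access |
    Format-Table IdentityReference, FileSystemRights, AccessControlType, IsInherited
```

If the BRAIN2 service runs under a dedicated service account rather than SYSTEM, add that account to the `$principal` list with Read access instead of granting it Administrators membership.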

Priority Score

Score: 47 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +46
POC: 0


CVE-2025-6513 vulnerability details – vuln.today
