What is the CVSS score of EUVD-2025-201006?

EUVD-2025-201006 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of Restaurant Point Of Sale are affected by EUVD-2025-201006?

Abacre Restaurant POS systems up to version 15.0.0.1656 expose valid license keys in process memory, creating a risk of unauthorized system access and potential data compromise across restaurant…

Is there a public PoC exploit available for EUVD-2025-201006?

Yes, a public proof-of-concept exploit is available for EUVD-2025-201006. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate EUVD-2025-201006?

Within 24 hours: Identify all Abacre POS installations in your environment and document their versions and network locations. Within 7 days: Implement network segmentation to restrict POS system access and monitor process memory for suspicious access attempts; contact Abacre for patch availability timeline. Within 30 days: Establish a plan to upgrade to a patched version once available or evaluate alternative POS vendors; conduct memory forensics on all affected systems for signs of compromise.

Restaurant Point Of Sale EUVD-2025-201006

| CVE-2025-65320 HIGH

Cleartext Storage of Sensitive Information (CWE-312)

2025-12-03 cve@mitre.org

Information Disclosure Restaurant Point Of Sale

7.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 16:14 euvd

EUVD-2025-201006

Analysis Generated

Mar 15, 2026 - 16:14 vuln.today

PoC Detected

Dec 18, 2025 - 21:02 vuln.today

Public exploit code

CVE Published

Dec 03, 2025 - 16:15 nvd

HIGH 7.5

DescriptionCVE.org

Abacre Restaurant Point of Sale (POS) up to 15.0.0.1656 are vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory during an activation attempt.

Analysis

Technical ContextAI

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls. This vulnerability is classified as Cleartext Storage of Sensitive Information (CWE-312).

RemediationAI

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

EUVD-2025-201006 vulnerability details – vuln.today

Back

Restaurant Point Of Sale EUVD-2025-201006

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code