Sparx Enterprise Architect
Sparx Enterprise Architect client stores and transmits OAuth2 client secrets in plaintext, allowing local attackers to extract credentials and impersonate the application to obtain unauthorized access tokens. The vulnerability affects at least version 16.1.1627 and potentially earlier versions; local file system access is required to retrieve the exposed secrets, but once obtained, an attacker can perform remote authentication without additional privileges. NCSC-FI reported this vulnerability, which is tracked as EUVD-2025-209512; exploitation likelihood is elevated due to the ease of credential extraction from local storage.
Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication
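The weakness named in the title, a client that hands its OAuth2 client secret to a token endpoint without first checking who that receiver is, is illustrated below with an added, vendor-independent example. This is not Sparx code and does not describe how Enterprise Architect is implemented; it shows the check an OpenID Connect client should perform on the discovery document before any request carrying `client_secret` is built. The issuer URL, discovery documents and hostnames are constructed for the example, and the same-host rule is a conservative policy choice, not a requirement of the OpenID Connect Discovery specification (which only requires the `issuer` value to match).

```python
from urllib.parse import urlparse


class UntrustedEndpoint(Exception):
    """Raised when the token endpoint is not a safe receiver for the client secret."""


def validate_token_endpoint(expected_issuer: str, discovery: dict,
                            require_same_host: bool = True) -> str:
    """Return the token endpoint from an OIDC discovery document, or raise.

    Checks performed before the client secret may be sent:
      1. The document's 'issuer' must exactly equal the configured issuer
         (OpenID Connect Discovery 1.0, section 4.3).
      2. 'token_endpoint' must be present and use https, so the secret is
         never transmitted in the clear.
      3. With require_same_host=True (policy chosen for this example), the
         token endpoint host must equal the issuer host, so a tampered or
         spoofed discovery document cannot steer the secret to a third party.
    """
    issuer = discovery.get("issuer")
    if issuer != expected_issuer:
        raise UntrustedEndpoint(
            f"issuer mismatch: configured {expected_issuer!r}, document says {issuer!r}")

    token_endpoint = discovery.get("token_endpoint")
    if not token_endpoint:
        raise UntrustedEndpoint("discovery document has no token_endpoint")

    endpoint = urlparse(token_endpoint)
    if endpoint.scheme != "https":
        raise UntrustedEndpoint(f"token_endpoint is not https: {token_endpoint}")

    issuer_host = urlparse(expected_issuer).hostname
    if require_same_host and endpoint.hostname != issuer_host:
        raise UntrustedEndpoint(
            f"token_endpoint host {endpoint.hostname!r} differs from issuer host {issuer_host!r}")

    return token_endpoint


def build_token_request(expected_issuer: str, discovery: dict,
                        client_id: str, client_secret: str, code: str) -> tuple:
    """Build (url, form_fields) for an authorization-code exchange.

    The secret is only placed in the form after the receiver has been validated;
    a failed validation raises and no request is produced.
    """
    url = validate_token_endpoint(expected_issuer, discovery)
    form = {
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
    }
    return url, form


def is_safe_receiver(expected_issuer: str, discovery: dict) -> bool:
    """Boolean convenience wrapper around validate_token_endpoint."""
    try:
        validate_token_endpoint(expected_issuer, discovery)
        return True
    except UntrustedEndpoint:
        return False


# Constructed sample data (not from any real identity provider).
ISSUER = "https://idp.example.com"

GOOD_DISCOVERY = {
    "issuer": "https://idp.example.com",
    "token_endpoint": "https://idp.example.com/oauth2/token",
}

# Discovery document whose token endpoint points somewhere other than the issuer.
FOREIGN_HOST_DISCOVERY = {
    "issuer": "https://idp.example.com",
    "token_endpoint": "https://other.example.net/oauth2/token",
}

# Discovery document that would send the secret over plaintext HTTP.
PLAINTEXT_DISCOVERY = {
    "issuer": "https://idp.example.com",
    "token_endpoint": "http://idp.example.com/oauth2/token",
}

if __name__ == "__main__":
    for name, doc in [("good", GOOD_DISCOVERY),
                      ("foreign host", FOREIGN_HOST_DISCOVERY),
                      ("plaintext", PLAINTEXT_DISCOVERY)]:
        print(f"{name}: safe receiver = {is_safe_receiver(ISSUER, doc)}")
```

The point of the structure is that `client_secret` never leaves the process unless `validate_token_endpoint` has returned; any client that builds the token request first and validates later (or not at all) has the receiver-verification gap described on this page, regardless of how the secret is stored.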