Skip to main content

Worksnaps Net Worksnaps

1 CVEs product

Monthly

CVE-2025-10560 CRITICAL PATCH Act Now

Credential exposure in Worksnaps client application before version 1.6.20260201 allows attackers who obtain the binaries to extract hardcoded AWS root credentials and S3 bucket identifiers, granting access to production cloud resources containing sensitive user desktop screenshots. The flaw was disclosed by SEC-VLab (SEC Consult) and a vendor-patched build is available; no public exploit identified at time of analysis, though credential extraction from distributed binaries is trivial once the artifact is obtained.

Authentication Bypass Information Disclosure Worksnaps Net Worksnaps
NVD VulDB
CVSS 4.0
9.3
EPSS
0.4%
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Credential exposure in Worksnaps client application before version 1.6.20260201 allows attackers who obtain the binaries to extract hardcoded AWS root credentials and S3 bucket identifiers, granting access to production cloud resources containing sensitive user desktop screenshots. The flaw was disclosed by SEC-VLab (SEC Consult) and a vendor-patched build is available; no public exploit identified at time of analysis, though credential extraction from distributed binaries is trivial once the artifact is obtained.

Authentication Bypass Information Disclosure Worksnaps Net Worksnaps
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy