Unencrypted Communication Vulnerability in Active Directory Services by Bizerba
CVE-2025-12508

8.4HIGH

Key Information:

Vendor: Bizerba
Status: Brain2
Vendor: CVE Published:; 31 October 2025

What is CVE-2025-12508?

The vulnerability found in Bizerba's BRAIN2 system allows domain users to communicate with Active Directory services without encryption. This serious issue can result in the interception of sensitive authentication data, posing a significant risk to user confidentiality and system integrity. Organizations using Bizerba products are encouraged to adopt appropriate security measures to mitigate this risk.

Affected Version(s)

BRAIN2 Windows 0.0 < 3.07

References

https://www.bizerba.com/downloads/global/information-secu...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 31, 2025
Vulnerability Reserved
Oct 30, 2025

JSON