Inadequate Encryption Strength in SS1 Media Product by Vendor
CVE-2025-46409

8.7HIGH

Key Information:

Vendor: Dos Co., Ltd.
Status: Ss1
Vendor: CVE Published:; 28 August 2025

🔔 Create Dos Co., Ltd. Vulnerability Alert

What is CVE-2025-46409?

An encryption weakness has been identified in SS1 version 16.0.0.10 and earlier, as well as Media version 16.0.0a and earlier. This issue allows remote attackers to exploit a function requiring authentication, thereby gaining unauthorized access to potentially sensitive resources. It is crucial for users to apply fixes or updates to mitigate this risk and secure their systems against potential unauthorized access.

Affected Version(s)

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier)

References

https://www.dos-osaka.co.jp/news/2025/08/250827.html

https://jvn.jp/en/jp/JVN99577552/

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2025
Vulnerability Reserved
Aug 25, 2025