Information Exposure Vulnerability in TeleMessage by TeleMessage
CVE-2025-48928
Key Information:
- Vendor: TeleMessage
- CVE Published: 28 May 2025
What is CVE-2025-48928?
The TeleMessage service, which runs as a JSP application, has a significant vulnerability that allows the application's heap content to be accessed. The exposed heap content resembles a core dump and can include sensitive information, such as passwords transmitted over HTTP. Exploits using this weakness have been active in the wild since May 2025, raising serious security concerns for users of the service.
CISA has reported CVE-2025-48928
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-48928 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change quickly.
CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
service 0 <= 2025-05-05
News Articles
Attackers Target Legacy Code in TeleMessage's Signal Clone
Attackers are actively attempting to exploit a vulnerability that exists in older versions of the Signal message app clone TeleMessage TM SGNL, built by Smarsh to
5 days ago
CISA tells TeleMessage users to patch after active exploits
The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discontinue...
3 weeks ago
CISA Warns of TeleMessage TM SGNL Vulnerabilities Exploited in Attacks
CISA has issued an urgent warning regarding two critical vulnerabilities in TeleMessage TM SGNL that are currently being exploited.
3 weeks ago
EPSS Score
9% chance of being exploited in the next 30 days.
Timeline
- First article discovered by SecurityWeek
- Exploit known to exist
- CISA Reported
- Vulnerability published
- Vulnerability Reserved