Insecure Protocol Implementation in CGM MEDICO by CGM
CVE-2025-48981

8.6HIGH

Key Information:

Vendor: Compugroup Medical
Status: Cgm Medico
Vendor: CVE Published:; 8 October 2025

🔔 Create Compugroup Medical Vulnerability Alert

What is CVE-2025-48981?

An insecure implementation of the DNET protocol in CGM MEDICO exposes the system to potential data manipulation and eavesdropping risks for attackers on the intranet due to optional encryption. This vulnerability allows malicious actors to intercept and modify sensitive information transmitted over the network, leading to severe security breaches. Organizations using CGM MEDICO should ensure they apply necessary security patches and review their network protocols to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CGM MEDICO 29.0 < 29.1

References

https://www.cgm.com/deu_de/allgemein/cybersecurity-en/sec...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 8, 2025
Vulnerability Reserved
May 29, 2025

JSON

Compugroup Medical