Hard-Coded Password Vulnerability in SS1 by Dos Osaka
CVE-2025-58081

8.7HIGH

Key Information:

Vendor: Dos Co., Ltd.
Status: Ss1
Vendor: CVE Published:; 28 August 2025

🔔 Create Dos Co., Ltd. Vulnerability Alert

What is CVE-2025-58081?

A vulnerability in SS1 versions up to 16.0.0.10 allows attackers to exploit hard-coded passwords, enabling them to access arbitrary files with elevated privileges. This poses significant security risks as unauthorized users can leverage this flaw to compromise system integrity and confidentiality. Immediate action is recommended to mitigate any potential threats.

Affected Version(s)

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) (Affected under MacOS environment only)

References

https://www.dos-osaka.co.jp/news/2025/08/250827.html

https://jvn.jp/en/jp/JVN99577552/

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2025
Vulnerability Reserved
Aug 25, 2025