Access Control Vulnerability in TSplus Remote Access by TSplus
CVE-2025-5922

4.8MEDIUM

Key Information:

Vendor: Tsplus
Status: Tsplus Remote Access
Vendor: CVE Published:; 29 July 2025

What is CVE-2025-5922?

An access control vulnerability exists in the TSplus Remote Access Admin Tool, primarily affecting versions prior to v18.40.6.17. The vulnerability allows unauthorized access to sensitive information due to the improper handling of the PIN code's hash, which is stored in an accessible system registry without adequate protection. This oversight facilitates brute-force attacks and exploitation through rainbow tables since the hash is unprotected and not salted. Users of older and Long-Term Support versions must implement available updates to secure their systems effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TSplus Remote Access Windows 0

References

https://cert.pl/en/posts/2025/07/CVE-2025-5922

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jul 29, 2025
Vulnerability Reserved
Jun 9, 2025

Credit

Michał Walkowski, PhD

JSON

Tsplus

What is CVE-2025-5922?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.