CISA Adds TeleMessage TM SGNL Flaws to Known Exploited Vulnerabilities Catalog
TL;DR
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities affecting TeleMessage TM SGNL to its Known Exploited Vulnerabilities (KEV) catalog. These flaws, identified as CVE-2025-48927 and CVE-2025-48928, have been exploited in real-world attacks. Federal agencies are directed to address these vulnerabilities by July 22, 2025, to protect their networks.
CISA Adds TeleMessage TM SGNL Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical vulnerabilities affecting TeleMessage TM SGNL to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities have been identified and exploited in real-world attacks, highlighting the urgent need for mitigation.
Vulnerabilities Details
-
CVE-2025-48927 (CVSS score of 5.3): This flaw involves the initialization of a resource with an insecure default setting in TeleMessage TM SGNL. A misconfigured Spring Boot Actuator exposed a
/heapdump
endpoint, which was exploited in attacks during May 2025. -
CVE-2025-48928 (CVSS score of 4.0): This vulnerability exposes a core dump file to an unauthorized control sphere in TeleMessage TM SGNL. The service, based on a JSP application, includes heap content roughly equivalent to a “core dump,” which may contain sensitive information such as passwords sent over HTTP. This vulnerability was also exploited in May 2025.
Impact and Mitigation
According to the Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are required to address these vulnerabilities by the specified due date to safeguard their networks against potential attacks. CISA has set the deadline for federal agencies to fix these vulnerabilities by July 22, 2025.
Experts also recommend that private organizations review the Catalog and address these vulnerabilities within their infrastructure to enhance security measures.
Follow for Updates
For the latest updates and more information, follow @securityaffairs on Twitter, Facebook, and Mastodon. You can also connect with Pierluigi Paganini on LinkedIn.
For more details, visit the full article: source.
Conclusion
The addition of these TeleMessage TM SGNL vulnerabilities to CISA’s KEV catalog underscores the importance of timely mitigation to protect against cyber threats. Organizations must remain vigilant and proactive in addressing such vulnerabilities to ensure the security and integrity of their systems.