CNNVD-202507-2676 Information
CNNVD ID
CNNVD-202507-2676
Related CVE
- CNNVD Published: 2025-07-21
Description (Chinese)
Headwind MDM是一款用于管理企业中Android设备的平台。 Headwind MDM 5.33.1之前版本存在安全漏洞,该漏洞源于配置详情可被未授权用户访问,可能导致密码泄露。
Description (English)
Headwind MDM is a platform for managing Android equipment in a business. The previous version of Headwind MDM 5.33.1 had a security loophole, which stemmed from configuration details that could be accessed by unauthorized users and could lead to password leaks.
Hazard Level
High
Vulnerability Type
其他
Published
2025-07-21
Last Modified
2026-02-24
References
https://www.periculo.co.uk/cyber-security-blog/how-our-pen-tester-found-a-critical-vulnerability-cve-2025-43720 https://github.com/h-mdm/hmdm-server/commit/19e4a63f732c99064444df7e8c61b4f01df362e8 https://github.com/h-mdm/hmdm-server/compare/v5.32.1…v5.33.1 https://access.redhat.com/security/cve/cve-2025-43720
Patch
https://github.com/h-mdm/hmdm-server/releases
Share on: