Cyber Resilience

CVE-2025-0556

High

Published: 12 February 2025

Published
12 February 2025
Modified
20 February 2025
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0015 35.1th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0556 is a high-severity Cleartext Transmission of Sensitive Information (CWE-319) vulnerability in Progress Telerik Report Server. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Network Sniffing (T1040); ranked at the 35.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SC-8 (Transmission Confidentiality and Integrity).

Deeper analysis

CVE-2025-0556 is a vulnerability in Progress® Telerik® Report Server, affecting versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation. It involves the communication of non-sensitive information between the service agent process and app host process over an unencrypted tunnel, exposing this traffic to local network sniffing. Published on 2025-02-12, the issue is classified under CWE-319 (Cleartext Transmission of Sensitive Information) with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

An attacker with access to the local network can exploit this vulnerability by sniffing the unencrypted traffic between the processes. The attack requires no privileges (PR:N) and has low complexity (AC:L), though it necessitates user interaction (UI:R). Exploitation can result in high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H).

The Telerik knowledge base advisory at https://docs.telerik.com/report-server/knowledge-base/kb-security-cleartext-transmission-cve-2025-0556 provides details on mitigation, with upgrading to Telerik Report Server 2025 Q1 (11.0.25.211) or later addressing the unencrypted tunnel issue in the .NET Framework implementation.

EU & UK References

Vulnerability details

In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected…

more

to local network traffic sniffing.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1040 Network Sniffing Credential Access
Adversaries may passively sniff network traffic to capture information about an environment, including authentication material passed over the network.
Why these techniques?

Vulnerability exposes inter-process traffic in cleartext on local network, directly enabling passive network sniffing (T1040) by an attacker with local network access.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-23661Shared CWE-319
CVE-2025-70048Shared CWE-319
CVE-2024-42181Shared CWE-319
CVE-2024-43187Shared CWE-319
CVE-2025-13718Shared CWE-319
CVE-2024-36558Shared CWE-319
CVE-2024-44276Shared CWE-319
CVE-2025-69272Shared CWE-319
CVE-2026-30795Shared CWE-319
CVE-2026-22271Shared CWE-319

Affected Assets

progress
telerik report server
≤ 11.0.25.211

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires protection of the confidentiality and integrity of transmitted information, directly mitigating the unencrypted tunnel vulnerable to local network sniffing.

prevent

Mandates cryptographic mechanisms to protect communications, addressing the cleartext transmission of information between processes.

prevent

Directly requires timely remediation of the identified flaw via vendor upgrade that encrypts the inter-process tunnel.

References