CVE-2025-47730
HIGH EPSS 24.1%
Published May 8, 20251y ago · Modified Jun 17, 20262w ago
7.5 CVSS 3.1
Published May 8, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None
Threat Intelligence
EPSS Exploit Probability
24.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-798 Use of Hard-coded Credentials Authentication
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| smarsh | telemessage | * | ≤2025-05-05 |
References 4
- arstechnica.com https://arstechnica.com/security/2025/05/signal-clone-used-by-trump-official-stops-operations-after-report-it-was-hacked/
- github.com https://github.com/micahflee/TM-SGNL-Android/blob/bd7ccbb8bc79193fc4c57cae7cc1051e6250fa89/app/src/tm/java/org/archiver/ArchiveConstants.kt#L45-L46
- news.ycombinator.com https://news.ycombinator.com/item?id=43909220
- theregister.com https://www.theregister.com/2025/05/05/telemessage_investigating/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.