Home / Vulnerability Intelligence / CVE-2025-63912

CVE-2025-63912 - Vulnerability Analysis

HighCVSS: 7.5

Last Updated: March 5, 2026

Cohesity TranZman Migration Appliance - Weak Cryptography

Published: March 3, 2026Updated: March 5, 2026PoC AvailableRemote Exploitable

Overview

Cohesity TranZman Migration Appliance Release 4.0 Build 14614 contains weak cryptography caused by use of a weak encryption algorithm, letting attackers trivially reverse encryption and expose credentials, exploit requires no special conditions.

Severity & Score

Severity: High

CVSS Score: 7.5

Impact

Attackers can easily decrypt data and expose sensitive credentials, compromising system security.

Mitigation

Update to the latest version with improved cryptography.

References

https://gist.github.com/GregDurys/4c2765d76272cda64dfc78f7a75a9251
https://github.com/GregDurys/Cohesity-TranZman-CVEs

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2025-63912
Severity: High
CVSS Score: 7.5
Type: weak_cryptography
Status: confirmed

CWE

CWE-327

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N