CVE-2025-31362: Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is...

3.7 CVSS

Description

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available.
The vendor provides the workaround information and recommends to apply it to the deployment environment.

Classification

CVE ID: CVE-2025-31362

CVSS Base Severity: LOW

CVSS Base Score: 3.7

CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem Types

Use of hard-coded cryptographic key

Affected Products

Vendor: OPEN, Inc.

Product: BizRobo!

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 5.53% (scored less or equal to compared to others)

EPSS Date: 2025-04-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-31362
https://knowledge.bizrobo.com/hc/ja/articles/39951710517145
https://knowledge.bizrobo.com/hc/ja/articles/39952052043289
https://knowledge.bizrobo.com/hc/ja/articles/39953373809305
https://knowledge.bizrobo.com/hc/ja/articles/360029772271
https://jvn.jp/en/jp/JVN30641875/

Timeline

2025-04-11 10:40:20 UTC
CVE

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is...