CVE-2025-58744 - Vulnerability Details - OpenCVE

Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Milner	Imagedirector Capture

No data.

No data.

References

Link	Providers
https://sra.io/advisories

History

Wed, 21 Jan 2026 11:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Milner Milner imagedirector Capture
Vendors & Products		Milner Milner imagedirector Capture

Tue, 20 Jan 2026 21:45:00 +0000

Type	Values Removed	Values Added
Description		Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.
Title		Hard-Coded Default Credentials Enable Document Archive Decryption in Milner ImageDirector Capture
Weaknesses		CWE-1392 CWE-798
References		https://sra.io/advisories
Metrics		cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: SRA

Published: 2026-01-20T21:38:02.361Z

Updated: 2026-01-20T21:38:02.361Z

Reserved: 2025-09-04T15:27:48.361Z

Link: CVE-2025-58744

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-01-20T22:15:51.890

Modified: 2026-01-20T22:15:51.890

Link: CVE-2025-58744

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-58744", "assignerOrgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "state": "PUBLISHED", "assignerShortName": "SRA", "dateReserved": "2025-09-04T15:27:48.361Z", "datePublished": "2026-01-20T21:38:02.361Z", "dateUpdated": "2026-01-20T21:38:02.361Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "ImageDirector Capture", "vendor": "Milner", "versions": [{"lessThan": "7.6.3.25808", "status": "affected", "version": "7.0.9.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Asa Reynolds (SRA)"}, {"lang": "en", "type": "finder", "value": "Rick Console (SRA)"}], "datePublic": "2026-01-20T19:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in \n\n Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key.\n\n<p>This issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808.</p>"}], "value": "Use of Default Credentials, Hard-coded Credentials vulnerability in\u00a0C2SGlobalSettings.dll in \n\n Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key.\n\nThis issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808."}], "impacts": [{"capecId": "CAPEC-191", "descriptions": [{"lang": "en", "value": "CAPEC-191 Read Sensitive Constants Within an Executable"}]}, {"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1392", "description": "CWE-1392 Use of Default Credentials", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "shortName": "SRA", "dateUpdated": "2026-01-20T21:38:02.361Z"}, "references": [{"url": "https://sra.io/advisories"}], "source": {"discovery": "UNKNOWN"}, "title": "Hard-Coded Default Credentials Enable Document Archive Decryption in Milner ImageDirector Capture", "x_generator": {"engine": "Vulnogram 0.5.0"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Use of Default Credentials, Hard-coded Credentials vulnerability in\u00a0C2SGlobalSettings.dll in \n\n Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key.\n\nThis issue affects ImageDirector Capture: from 7.0.9.0 before 7.6.3.25808."}], "id": "CVE-2025-58744", "lastModified": "2026-01-20T22:15:51.890", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "type": "Secondary"}]}, "published": "2026-01-20T22:15:51.890", "references": [{"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "url": "https://sra.io/advisories"}], "sourceIdentifier": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}, {"lang": "en", "value": "CWE-1392"}], "source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "type": "Secondary"}]}