Known Exploited Vulnerabilities CVE-2025-48927

TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
| --- | --- | --- | --- | --- | --- |
| CVE-2025-48927 | TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability | exploitation_technique | T1212 | Exploitation for Credential Access | Comments: TeleMessage TM SGNL's Spring Boot Actuator exposes the /heapdump endpoint publicly, allowing an unauthenticated attacker to access it. |
| CVE-2025-48927 | TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability | primary_impact | T1005 | Data from Local System | Comments: TeleMessage TM SGNL's Spring Boot Actuator exposes the /heapdump endpoint publicly, allowing an unauthenticated attacker to access it. |
| CVE-2025-48927 | TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability | primary_impact | T1555 | Credentials from Password Stores | Comments: TeleMessage TM SGNL's Spring Boot Actuator exposes the /heapdump endpoint publicly, allowing an unauthenticated attacker to access it. |