Login Sign Up

CVE-2025-45702

6.5 MEDIUM

📋 TL;DR

SoftPerfect Connection Quality Monitor v1.1 stores all credentials in plaintext, allowing attackers with access to the system to read sensitive authentication data. This affects all users of version 1.1 who rely on the software for network monitoring.

💻 Affected Systems

Products:
  • SoftPerfect Connection Quality Monitor
Versions: 1.1
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.1 are vulnerable regardless of configuration.

📦 What is this software?

Connection Quality Monitor by Softperfect

View all CVEs affecting Connection Quality Monitor →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain full administrative access to monitored systems by extracting plaintext credentials, leading to complete network compromise and data exfiltration.

🟠

Likely Case

Local or remote attackers with system access steal credentials for lateral movement within the network, potentially accessing other systems.

🟢

If Mitigated

With proper access controls, only authorized users can access credential files, limiting exposure to trusted personnel.

🌐 Internet-Facing: MEDIUM - If the software or its data is exposed to the internet, credentials could be stolen remotely.
🏢 Internal Only: HIGH - Internal attackers or malware with local access can easily extract all stored credentials.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to credential storage files, which may be protected by file permissions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: https://softperfect.com

Restart Required: No

Instructions:

No official patch exists. Contact SoftPerfect for updated version information and migration guidance.

🔧 Temporary Workarounds

Restrict File Access

all

Apply strict file permissions to credential storage files to prevent unauthorized reading.

chmod 600 /path/to/credentials (Linux)
icacls "C:\path\to\credentials" /inheritance:r /grant:r "%USERNAME%":F (Windows)

Encrypt Credential Files

all

Use filesystem encryption or third-party tools to encrypt credential storage files.

🧯 If You Can't Patch

  • Isolate the monitoring system on a separate network segment with strict access controls.
  • Monitor credential file access attempts and implement alerting for suspicious activity.

🔍 How to Verify

Check if Vulnerable:

Check if Connection Quality Monitor version is 1.1 via Help > About menu or configuration files.

Check Version:

Not applicable - check via application interface or configuration.

Verify Fix Applied:

Verify credential files are encrypted or inaccessible to unauthorized users through file inspection tools.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to credential storage files
  • Unexpected process accessing credential files

Network Indicators:

  • Unusual outbound connections from monitoring system to other network segments

SIEM Query:

EventID=4663 AND ObjectName LIKE '%credentials%' AND AccessMask=0x1 (Windows) OR 'audit' AND 'open' AND 'credentials' (Linux)

📊 Metadata

CVE ID: CVE-2025-45702
CVSS v3 Score: 6.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CWE: CWE-256
EPSS Score: 0.04% exploit probability (10.4th percentile)
Published: July 24, 2025
Last Updated: October 10, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-45702, you might also want to check these:

CVE-2024-23486 9.8

This vulnerability allows unauthenticated attackers on the same network to obtain router credentials...

Same vulnerability type (CWE-256)
CVE-2025-5893 9.8

Smart Parking Management System from Honding Technology exposes plaintext administrator credentials ...

Same vulnerability type (CWE-256)
CVE-2025-6561 9.8

Hunt Electronic HBF-09KD and HBF-16NK hybrid DVR models expose a system configuration file containin...

Same vulnerability type (CWE-256)