Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202512-00000012

[Content Description]
【Ragic | Enterprise Cloud Database - Hard-coded Cryptographic Key】(CVE-2025-15016, CVSS: 9.8) An enterprise cloud database developed by Ragic contains a Hard-coded Cryptographic Key vulnerability. Unauthenticated remote attackers can use a fixed key to generate authentication information and then log in to the system as any user.

[Affected Platform]
Enterprise Cloud Database

[Recommended Actions]
Contact the vendor to install the patch

[References]
1. https://www.twcert.org.tw/tw/cp-132-10587-797c6-1.html