CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-64298

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.2%

CVSS Severity

CVSS v3 Score 8.4

References

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-336-01

Products affected by CVE-2025-64298

Mirion » Biodose/nmis » Version: Any

cpe:2.3:a:mirion:biodose/nmis:*
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-64298

Products

Pricing

Contact Us