CVE-2025-10221

Hardcoded Password Exposure in AxxonNet (C-WerkNet) ARP Agent Logs

Description

Insertion of Sensitive Information into Log File (CWE-532) in the ARP Agent component in AxxonSoft Axxon One / AxxonNet / C-WerkNet 2.0.4 and earlier on Windows platforms allows a local attacker to obtain plaintext credentials via reading TRACE log files containing serialized JSON with passwords.

INFO

Published Date :

2025-09-10T12:31:52.575Z

Last Modified :

2025-10-08T12:02:15.274Z

Source :

AxxonSoft

AFFECTED PRODUCTS

The following products are affected by CVE-2025-10221 vulnerability.

Vendors	Products
Axxonsoft	Axxon One
Microsoft	Windows

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-10221.

URL	Resource
https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact