[VULNERABILITY ALERT] Ragic | Enterprise Cloud Database - Hard-coded Cryptographic Key (CVE-2025-15016)

• Subject: [VULNERABILITY ALERT] Ragic | Enterprise Cloud Database - Hard-coded Cryptographic Key (CVE-2025-15016)

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center Security Alert TWCERTCC-200-202512-00000012
  • [Ragic | Enterprise Cloud Database - Hard-coded Cryptographic Key] (CVE-2025-15016, CVSS: 9.8) The Enterprise Cloud Database developed by Ragic contains a Hard-coded Cryptographic Key vulnerability. A remote unauthenticated attacker can use the fixed key to generate authentication information, thereby logging into the system as any user.
• Affected Platforms:
  • Enterprise Cloud Database
• Recommended Actions:
  • Contact the vendor to install the patch.
• Reference Material:
  1. https://www.twcert.org.tw/tw/cp-132-10587-797c6-1.html

Computer and Communication Center
Network Systems Division, Respectfully