Back to search
CVE-2025-8307
Published: Jan 8, 2026
Modified: Jan 8, 2026
PUBLISHED
Description
Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An attacker in possession of these encoded passwords is able to decode them by using an algorithm embedded in the client-side part of the software. This vulnerability has been fixed in versions 4.50.1 and 5.38.0
| Vendor | Product | Versions |
|---|---|---|
Asseco | InfoMedica Plus | affected 5.0.0 - < 5.38.0affected 4.0.0 - < 4.50.1 |
Weaknesses (CWE)
References
https://cert.pl/en/posts/2026/01/CVE-2025-8306/
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now