CVE Catalog
CVE-2026-37454
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.15%
4th percentile — higher than 4% of all known CVEs
Summary
Insecure permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via 3DES-ECB encryption.
Risk Assessment
An attacker can remotely intercept confidential data processed by the service, leading to a breach of information confidentiality in the organization.
Recommendation
Immediately update MSI NBFoundation Service to the latest version that fixes this vulnerability and consider using stronger encryption algorithms.
Original NVD description (English source)
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption

