Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Evope Core Hardcoded Cryptographic Key Vulnerability

Vulnerability

Exploited

A vulnerability in Evope Core version 1.1.3.20 allows local attackers to access sensitive information by exploiting hardcoded cryptographic keys. These keys, embedded in the source code, can be extracted and used to compromise encryption, as the same key is applied across all software installations. This flaw also eliminates the possibility of key rotation, leaving all users vulnerable to exploitation.

Impact

The hardcoded keys can be extracted and potentially used to decrypt sensitive information or authenticate unauthorized actions, compromising the security of all users simultaneously.

Added: Aug 29, 2025, 8:26 PM

Updated: Aug 29, 2025, 9:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.4

threat

8.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.0

remediation

0.0

relevance

0.4

threat

8.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Evope Core Hardcoded Cryptographic Key Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating