smarsh
Security Risk Profile
41
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 10 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from May 5, 2025 to present
10
Total CVEs
4
Critical+High
4
Exploited
4
Unpatched
Threat Assessment
Avg CVSS
6.6
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
4
Critical/High
Risk Level
41/100
medium
⚠️ 4 Active Exploits
Severity Distribution
Critical
1High
3Medium
4Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
8Age Distribution
Common Weaknesses (CWE)
No CWE data available
Most Affected Products
1. Smarsh TeleMessage10
2. TeleMessage TeleMessage service5
3. TeleMessage TM SGNL2
4. Smarsh TeleMessage SGNL1
5. TeleMessage TM SGNL app1
Recent Vulnerabilities
See more →https://www.bleepingcomputer.com/news/security/hackers-scanning-for-telemessage-signal-clone-flaw-exposing-passwords/
unknown
Hackers scanning for TeleMessage Signal clone flaw exposing passwords
7/18/2025⚠ Exploited🔧 No Patch
CVE-2025-48925
CVSS 7.5EPSS 0%high
5/28/2025🔧 No Patch
CVE-2025-48926
CVSS 7.5EPSS 0%high
5/28/2025🔧 No Patch
CVE-2025-48927
CVSS 5.3EPSS 0%medium
TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability
5/28/2025⚠ Exploited
CVE-2025-48928
CVSS 4.0EPSS 0%medium
TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability
5/28/2025⚠ Exploited
CVE-2025-48931
CVSS 5.5EPSS 0%medium
5/28/2025🔧 No Patch
CVE-2025-48930
CVSS 5.3EPSS 0%medium
5/28/2025🔧 No Patch
CVE-2025-48929
CVSS 9.8EPSS 0%critical
5/28/2025🔧 No Patch
CVE-2025-47730
CVSS 7.5EPSS 0%high
5/8/2025🔧 No Patch
https://www.theregister.com/2025/05/05/telemessage_investigating/
unknown
TeleMessage probes 'hack' of Signal clone used by Feds
5/5/2025⚠ Exploited🔧 No Patch
Monitor smarsh in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.