Main Vulnerability Database Vulnerabilities #VU113109

Inclusion of Sensitive Information in Log Files in region PAY - CVE-2025-52580

Published: July 22, 2025

Vulnerability identifier: #VU113109

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-52580

CWE-ID: CWE-532

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Gift Pad

Affected software:
region PAY

Detailed vulnerability description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files. An attacker with physical access can read the log files and gain access to sensitive data.

How to mitigate CVE-2025-52580

Install updates from vendor's website.

Sources

https://jvn.jp/en/jp/JVN07825095/index.html

Inclusion of Sensitive Information in Log Files in region PAY - CVE-2025-52580

Detailed vulnerability description

How to mitigate CVE-2025-52580

Sources

Please verify you're human