What is the severity of CVE-2025-0556?

CVE-2025-0556 has a severity rating that indicates a medium risk level due to the unencrypted communication of non-sensitive information.

How do I fix CVE-2025-0556?

To fix CVE-2025-0556, upgrade your Telerik Report Server to version 2025 Q1 (11.0.25.211) or later.

What versions are affected by CVE-2025-0556?

CVE-2025-0556 affects all versions of Telerik Report Server prior to 2025 Q1 (11.0.25.211).

What type of vulnerability is CVE-2025-0556?

CVE-2025-0556 is a security vulnerability related to the use of unencrypted communication between processes.

What impact does CVE-2025-0556 have on data security?

The impact of CVE-2025-0556 could potentially include exposure of non-sensitive information during transmission, though it does not directly allow for sensitive data access.

Vulnerability/
CVE-2025-0556

high

8.8

CWE

319

12/2/2025

20/2/2025

CVE-2025-0556: Telerik Report Server Clear Text Transmission of Agent Commands

First published: Wed Feb 12 2025(Updated: )

In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing.

Credit: security@progress.com

Affected Software	Affected Version	How to fix
Telerik Report Server	<2025 Q1
Telerik Reporting	<11.0.25.211

Never miss a vulnerability like this again

Reference Links

https://docs.telerik.com/report-server/knowledge-base/kb-security-cleartext-transmission-cve-2025-0556

Frequently Asked Questions

What is the severity of CVE-2025-0556?
CVE-2025-0556 has a severity rating that indicates a medium risk level due to the unencrypted communication of non-sensitive information.
How do I fix CVE-2025-0556?
To fix CVE-2025-0556, upgrade your Telerik Report Server to version 2025 Q1 (11.0.25.211) or later.
What versions are affected by CVE-2025-0556?
CVE-2025-0556 affects all versions of Telerik Report Server prior to 2025 Q1 (11.0.25.211).
What type of vulnerability is CVE-2025-0556?
CVE-2025-0556 is a security vulnerability related to the use of unencrypted communication between processes.
What impact does CVE-2025-0556 have on data security?
The impact of CVE-2025-0556 could potentially include exposure of non-sensitive information during transmission, though it does not directly allow for sensitive data access.

agent/title
agent/weakness
agent/description
agent/references
agent/type
agent/first-publish-date
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/author
agent/source
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
vendor/telerik
canonical/telerik report server
vendor/progress
canonical/telerik reporting

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.