← ExploitWatch
HomeExploited Vulnerabilities

CVE-2025-27920 — Actively Exploited: Output Messenger (Srimax)

Srimax Output Messenger contains a directory traversal vulnerability that allows an attacker to access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access.

CVE IDCVE-2025-27920
VendorSrimax
ProductOutput Messenger
Vulnerability nameSrimax Output Messenger Directory Traversal Vulnerability
Date added2025-05-19
Remediation due2025-06-09
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionSrimax Output Messenger contains a directory traversal vulnerability that allows an attacker to access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →