CVE-2025-20883

Summary

CVE-2025-20883 is a vulnerability affecting SoundPicker, where improper access controls were identified prior to the SMR Jan-2025 Release 1. This issue gave physical attackers the ability to bypass security restrictions and access data from multiple user profiles. The impact of this vulnerability could result in unauthorized access to sensitive information, potentially leading to privacy breaches or further system compromise. The SoundPicker team addressed this issue in their latest release, and users are strongly encouraged to install the update to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.