Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Cohesity TranZman Uses Weak Encryption, Exposing Data
CVE-2025-63912
Summary
Cohesity's TranZman Migration Appliance uses a weak encryption method that could allow attackers to easily access sensitive data and credentials. This means that data sent to the appliance is not as secure as it should be. To protect your data, update to the latest version of the appliance or use an alternative encryption method.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| cohesity | tranzman | 4.0 | – |
Original title
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expo...
Original description
Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose credentials.
nvd CVSS3.1
7.5
Vulnerability type
CWE-327
Use of a Broken Cryptographic Algorithm
- https://gist.github.com/GregDurys/4c2765d76272cda64dfc78f7a75a9251 Exploit Third Party Advisory
- https://github.com/GregDurys/Cohesity-TranZman-CVEs Third Party Advisory
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026