CISA adds TeleMessage flaw to KEV list, urges agencies to act within 3 weeks after a breach exposed unencrypted chats. The Israeli app was used by Trump officials!
A serious flaw in TM SGNL, a messaging app by US-Israeli firm TeleMessage used by former Trump administration officials, has now landed on CISA’s Known Exploited Vulnerabilities (KEV) list. The move follows reports of a breach that exposed sensitive communications and backend data.
The Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-47729 to its KEV catalogue this week. The listing confirms that the vulnerability has been exploited in the wild and sets a three-week deadline for federal agencies to address the issue.
Breach and Analysis Findings
On May 5, Hackread.com reported that TeleMessage had halted operations of TM SGNL after attackers gained access to backend systems and user message data. The breach cast doubt on the platform’s core security claims.
Security researcher Micah Lee analyzed the app’s source code and found a serious gap in its encryption model. While TeleMessage stated that TM SGNL used end-to-end encryption, Lee’s findings suggest otherwise. Communication between the app and its final storage point lacked full encryption, which opened the door for attackers to intercept plaintext chat logs.
This finding raised serious security and privacy concerns given the app’s past use by high-level figures, including former national security adviser Mike Waltz.
Why CISA Acted
CISA’s decision to add the flaw to its KEV list sends a clear message to government agencies: the software isn’t safe. It puts pressure on them to patch or drop it quickly.
Thomas Richards, Infrastructure Security Practice Director at Black Duck, said the decision likely stemmed from the software’s use in government:
“This vulnerability was most likely added to the KEV list because of who was using it. With sensitive government conversations involved, the breach takes on another level of risk. CISA’s move is about making sure agencies know this software shouldn’t be trusted.”
Casey Ellis, founder of Bugcrowd, added that the inclusion confirms the severity:
“CISA is making sure federal agencies got the message. The fact that the logs weren’t properly encrypted changes the risk equation. And while the CVSS 1.9 score may seem low, it still reflects the danger of compromising the machine storing these logs.”
What’s Next
Federal agencies are now required to act within three weeks. Organizations outside the government are also advised to review the KEV catalogue and consider prioritizing patches or other options.
The breach and subsequent KEV listing have pushed TeleMessage into a larger discussion about transparency, encryption standards, and the security infrastructure of platforms used in political and governmental communication.
For more information, the CVE entry is available via NVD, and the KEV catalogue can be accessed on the CISA website.