CVE-2025-10227: CWE-311 Missing Encryption of Sensitive Data in AxxonSoft AxxonOne C-Werk
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.
AI Analysis
Technical Summary
CVE-2025-10227 affects the Object Archive component of AxxonSoft's AxxonOne C-Werk software in versions prior to 2.0.8 on Windows and Linux. The core issue is that sensitive data in exported archives is stored at rest without encryption. A local attacker, meaning someone with physical or local access to the storage media or exported data, can therefore retrieve sensitive archive information in plaintext. The vulnerability is classified under CWE-311, which concerns missing encryption of sensitive data, a critical security oversight in systems handling confidential information. In CVSS terms the attack vector is Physical (AV:P), with no privileges (PR:N) and no user interaction (UI:N) required; physical or local access is mandatory. The vulnerability impacts confidentiality (C:H) but does not affect integrity or availability. No patches were linked at the time of publication, and no exploits are known in the wild, indicating the vulnerability is newly disclosed. The affected product is widely used in video surveillance and security management, where archive data often contains sensitive video footage and metadata. The lack of encryption at rest exposes organizations to data leakage if physical drives are stolen or improperly handled. This vulnerability underscores the need for encryption of sensitive archives and robust physical security controls in security-critical environments.
Potential Impact
For European organizations, the exposure of sensitive archive data in plaintext poses significant confidentiality risks, especially for entities relying on AxxonOne C-Werk for video surveillance and security management. Such data may include sensitive video footage, personally identifiable information, or security event logs, which if disclosed, could lead to privacy violations, regulatory non-compliance (e.g., GDPR), and reputational damage. Critical infrastructure operators, government agencies, and private enterprises using this software are particularly vulnerable if physical security controls are insufficient. The risk is exacerbated in environments where exported storage media are transported or stored offsite without encryption. Although the vulnerability does not allow remote exploitation, insider threats or theft of physical drives could result in data breaches. The medium severity rating reflects the limited attack vector but significant confidentiality impact. European organizations must consider the regulatory implications of unencrypted sensitive data and potential legal liabilities.
Mitigation Recommendations
Organizations should immediately assess their use of AxxonOne C-Werk and identify all instances running versions prior to 2.0.8. Until a patch is available, strict physical security controls must be enforced to prevent unauthorized access to exported archives and physical drives, including secure storage, access logging, and personnel vetting. Implement manual encryption of exported archive data using strong encryption tools before storage or transport. Regularly audit and monitor access to exported data and physical media. Establish policies for secure handling and disposal of storage devices containing sensitive data. Coordinate with AxxonSoft for timely updates and apply patches as soon as they are released. Additionally, consider network segmentation and limiting local access to systems managing sensitive archives to reduce insider threat risks. Training staff on the importance of physical security and data protection is also critical. Finally, review compliance with data protection regulations to ensure that current practices meet legal requirements for data confidentiality.
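One way to carry out the manual encryption step above with the openssl command-line tool, shown as an added example rather than AxxonSoft code. The key-file layout, the `.hmac` sidecar file and the function names are assumptions of this example, and the sample export directory is constructed.

```shell
#!/bin/sh
# Added example (not vendor code): encrypt-then-MAC for an exported archive.
# AES-256-CTR gives confidentiality; HMAC-SHA256 over IV||ciphertext detects
# tampering. Key-file format and function names are assumptions of this example.
set -eu

# new_key KEYFILE: two independent 256-bit keys, hex, one per line (enc, mac).
new_key() {
    ( umask 077; openssl rand -hex 32 > "$1"; openssl rand -hex 32 >> "$1" )
}

# mac_of KEYFILE FILE: print the HMAC-SHA256 of FILE as hex.
mac_of() {
    openssl dgst -sha256 -mac HMAC -macopt "hexkey:$(sed -n 2p "$1")" < "$2" |
        awk '{print $NF}'
}

# seal_export KEYFILE SRCDIR OUT: write OUT (IV||ciphertext) and OUT.hmac.
seal_export() {
    openssl rand 16 > "$3"                      # fresh random IV per export
    iv=$(od -An -tx1 < "$3" | tr -d ' \n')
    tar -C "$2" -cf - . |
        openssl enc -aes-256-ctr -K "$(sed -n 1p "$1")" -iv "$iv" >> "$3"
    mac_of "$1" "$3" > "$3.hmac"
}

# open_export KEYFILE IN DESTDIR: verify the MAC first, then decrypt and unpack.
open_export() {
    [ "$(mac_of "$1" "$2")" = "$(cat "$2.hmac")" ] || {
        echo "MAC mismatch: refusing to decrypt $2" >&2; return 1; }
    iv=$(dd if="$2" bs=16 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n')
    mkdir -p "$3"
    tail -c +17 "$2" | openssl enc -d -aes-256-ctr -K "$(sed -n 1p "$1")" -iv "$iv" |
        tar -C "$3" -xf -
}

# Constructed demo: a fake export directory stands in for real archive files.
demo() {
    w=$(mktemp -d)
    mkdir "$w/export"; echo "camera-07 frame data (constructed)" > "$w/export/clip.bin"
    new_key "$w/key"
    seal_export "$w/key" "$w/export" "$w/export.sealed"
    open_export "$w/key" "$w/export.sealed" "$w/restored"
    cmp "$w/export/clip.bin" "$w/restored/clip.bin" && echo "round trip ok"
    rm -rf "$w"
}
demo
```

Keep the key file off the exported media: a key that travels with the drive leaves the archive as readable as plaintext.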
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Sweden, Belgium, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: AxxonSoft
- Date Reserved: 2025-09-10T12:38:55.033Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68c17661e55cc6e90da1cfa7
Added to database: 9/10/2025, 1:00:17 PM
Last enriched: 10/8/2025, 12:14:10 PM
Last updated: 10/30/2025, 8:51:26 AM