CVE-2025-10227: CWE-311 Missing Encryption of Sensitive Data in AxxonSoft AxxonOne
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.
AI Analysis
Technical Summary
CVE-2025-10227 is a vulnerability identified in the Object Archive component of AxxonSoft's AxxonOne video management software versions prior to 2.0.8 on both Windows and Linux platforms. The core issue is the absence of encryption for sensitive data stored at rest within the Object Archive. This weakness is classified under CWE-311, which pertains to missing encryption of sensitive information. Due to this flaw, any local attacker who gains access to the exported storage or physically acquires the drives containing the archive data can extract sensitive information in plaintext without requiring authentication or user interaction. The vulnerability does not affect the integrity or availability of the data but poses a significant confidentiality risk. The CVSS 3.1 base score is 4.6 (medium severity), reflecting a physical attack vector (AV:P), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), and no impact on integrity or availability (I:N/A:N). There are no known exploits in the wild, and no patches have been linked yet, indicating that mitigation may currently rely on compensating controls or awaiting vendor updates. This vulnerability highlights the critical need for encryption of sensitive data at rest in security and surveillance systems to prevent unauthorized data disclosure through physical or local access.
Potential Impact
For European organizations, especially those utilizing AxxonOne for video surveillance and security management, this vulnerability presents a tangible risk of sensitive data exposure. The Object Archive likely contains video footage, metadata, or other security-related information that, if accessed in plaintext, could compromise privacy, reveal operational details, or aid malicious actors in planning further attacks. Organizations in sectors such as critical infrastructure, transportation, government, and large enterprises that rely on video surveillance for security monitoring are particularly at risk. The breach of confidentiality could lead to regulatory non-compliance under GDPR, resulting in legal and financial penalties. Furthermore, the physical theft or unauthorized access to storage media is a realistic threat in environments with less stringent physical security controls. Although the vulnerability requires local access, insider threats or theft of hardware could exploit this weakness. The lack of encryption at rest undermines the overall security posture and could erode trust in the affected organizations’ ability to protect sensitive surveillance data.
Mitigation Recommendations
To mitigate this vulnerability effectively, European organizations should:
1) Immediately restrict physical and local access to servers and storage devices hosting AxxonOne Object Archive data through enhanced physical security measures such as locked server rooms, surveillance, and access logging.
2) Implement full disk encryption or volume-level encryption on storage devices to protect data at rest independently of application-level encryption, ensuring that even if drives are stolen, data remains inaccessible.
3) Monitor and audit access to exported storage locations to detect unauthorized attempts to access or copy archive data.
4) Engage with AxxonSoft to obtain updates or patches addressing this vulnerability and plan timely deployment once available.
5) Consider isolating the Object Archive storage on dedicated, secure hardware with limited access and network segmentation to reduce exposure.
6) Train personnel on the risks of local data exposure and enforce strict policies on handling and transporting storage media.
These steps go beyond generic advice by focusing on compensating controls that protect data confidentiality until vendor patches are released.
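A check for recommendation 2 on Linux hosts, added here as an example (it is not AxxonSoft's code or part of the original advisory): it reads `lsblk --json -o NAME,TYPE,FSTYPE,MOUNTPOINT` output and reports whether the volume holding a given path sits on a dm-crypt/LUKS mapping. The lsblk sample and the paths `/srv/archive` and `/mnt/export` are constructed placeholders, not AxxonOne defaults.

```python
import json

# Constructed sample of `lsblk --json -o NAME,TYPE,FSTYPE,MOUNTPOINT` output:
# sda2 is a LUKS container whose mapping holds /srv/archive; sdb1 is plain ext4.
SAMPLE_LSBLK = json.loads("""
{"blockdevices": [
  {"name": "sda", "type": "disk", "fstype": null, "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "fstype": "ext4", "mountpoint": "/"},
    {"name": "sda2", "type": "part", "fstype": "crypto_LUKS", "mountpoint": null, "children": [
      {"name": "archive_crypt", "type": "crypt", "fstype": "ext4", "mountpoint": "/srv/archive"}]}]},
  {"name": "sdb", "type": "disk", "fstype": null, "mountpoint": null, "children": [
    {"name": "sdb1", "type": "part", "fstype": "ext4", "mountpoint": "/mnt/export"}]}
]}
""")

def mounted_devices(nodes, ancestors=()):
    """Yield (mountpoint, device chain from the disk down to the mounted device)."""
    for node in nodes:
        chain = ancestors + (node,)
        if node.get("mountpoint"):
            yield node["mountpoint"], chain
        yield from mounted_devices(node.get("children", []), chain)

def is_under(path, mountpoint):
    """True when path is the mountpoint itself or lies below it."""
    mp = mountpoint.rstrip("/")
    return mp == "" or path == mp or path.startswith(mp + "/")

def encryption_status(lsblk, path):
    """Return (mountpoint, encrypted) for the volume that holds path."""
    candidates = [(mp, chain) for mp, chain in mounted_devices(lsblk["blockdevices"])
                  if is_under(path, mp)]
    if not candidates:
        raise LookupError(f"no mounted block device holds {path}")
    # The longest matching mountpoint is the filesystem that actually stores the path.
    mp, chain = max(candidates, key=lambda c: len(c[0].rstrip("/")))
    # Encrypted if any layer between disk and filesystem is a dm-crypt mapping.
    encrypted = any(dev.get("type") == "crypt" or dev.get("fstype") == "crypto_LUKS"
                    for dev in chain)
    return mp, encrypted

if __name__ == "__main__":
    # Hypothetical archive and export locations; substitute the deployment's real paths.
    for p in ("/srv/archive/objects", "/mnt/export/archive-copy", "/var/log"):
        mp, enc = encryption_status(SAMPLE_LSBLK, p)
        print(f"{p}: on {mp}, {'encrypted' if enc else 'PLAINTEXT AT REST'}")
```

The check only recognises dm-crypt/LUKS layers visible to lsblk; self-encrypting drives, network shares and Windows volumes need their own verification.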
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: AxxonSoft
- Date Reserved: 2025-09-10T12:38:55.033Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68c17661e55cc6e90da1cfa7
Added to database: 9/10/2025, 1:00:17 PM
Last enriched: 9/10/2025, 1:15:31 PM
Last updated: 9/10/2025, 3:21:12 PM