
CVE-2025-45702: n/a

Medium
Published: Thu Jul 24 2025 (07/24/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

SoftPerfect Pty Ltd Connection Quality Monitor v1.1 was discovered to store all credentials in plaintext.

AI-Powered Analysis

Last updated: 07/24/2025, 17:02:43 UTC

Technical Analysis

CVE-2025-45702 identifies a security vulnerability in SoftPerfect Pty Ltd's Connection Quality Monitor version 1.1, where all user credentials are stored in plaintext. This means that sensitive authentication data such as usernames and passwords are saved without any encryption or hashing mechanism, making them directly readable by anyone who gains access to the storage location. The vulnerability arises from insecure credential storage practices, which violate fundamental security principles and increase the risk of credential theft. If an attacker obtains access to the system or backup files containing these plaintext credentials, they can easily compromise user accounts, potentially leading to unauthorized access to network resources or further lateral movement within an organization. Although no specific affected versions beyond v1.1 are listed, and no patches or mitigations have been published yet, the vulnerability is significant due to the sensitive nature of stored credentials. No known exploits are currently reported in the wild, but the simplicity of exploiting plaintext credential storage means that threat actors could develop attacks rapidly once the vulnerability is publicly known. The lack of a CVSS score limits precise severity quantification, but the core issue is a critical security flaw in credential management.

Potential Impact

For European organizations using SoftPerfect Connection Quality Monitor v1.1, this vulnerability poses a serious risk to the confidentiality and integrity of authentication data. Compromise of plaintext credentials can lead to unauthorized access to monitoring systems and potentially to connected network infrastructure, enabling attackers to disrupt network performance monitoring or pivot to other critical systems. This can result in operational disruptions, data breaches, and loss of trust. Additionally, given the GDPR and other stringent data protection regulations in Europe, exposure of credentials could lead to regulatory penalties and reputational damage. Organizations relying on this software for network quality monitoring should consider the risk of insider threats or external attackers gaining access to stored credentials, which could facilitate broader attacks on their IT environments.

Mitigation Recommendations

Immediate mitigation steps include restricting access permissions to the files or databases where credentials are stored to the minimum necessary users and systems. Organizations should monitor and audit access logs for suspicious activity around these credential stores. Until an official patch or update is released by SoftPerfect, users should consider migrating to alternative network monitoring tools that follow secure credential storage practices. If migration is not feasible, organizations should implement compensating controls such as encrypting the storage location at the filesystem or disk level, using network segmentation to isolate the monitoring system, and enforcing strong authentication policies elsewhere to limit the impact of credential compromise. Additionally, credentials stored in plaintext should be rotated frequently, and multi-factor authentication should be enabled on any systems accessible with these credentials to reduce exploitation risk.


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-04-22T00:00:00.000Z
CVSS Version: null
State: PUBLISHED

Threat ID: 688263b1ad5a09ad003c1633

Added to database: 7/24/2025, 4:47:45 PM

Last enriched: 7/24/2025, 5:02:43 PM

Last updated: 7/25/2025, 12:34:38 AM
