During an authorised penetration testing assessment of Xpand IT Write-Back software, Balwurk's security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. The discovered vulnerability allows an attacker to retrieve…