Authorization Bypass in Usta Information Systems’ Aybs Interaktif_CVE-2025-8886

6.7 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

Incorrect Permission Assignment for Critical Resource, Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization, Incorrect Authorization vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Privilege Abuse, Authentication Bypass.This issue affects Aybs Interaktif: from 2024 through 28082025.

Basic Information

ID CVE-2025-8886

Source TR-CERT

Published Oct 10, 2025 at 13:48

Affected Product

Vendor Usta Information Systems Inc.

Product Aybs Interaktif

Version 2024

Affected Versions Usta Information Systems Inc. Aybs Interaktif 2024

CWE Classification

CWE-732 CWE-200 CWE-862 CWE-863

References

www.usom.gov.tr /bildirim/tr-25-0329

{
    "lastseen": "",
    "description": "Incorrect Permission Assignment for Critical Resource, Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization, Incorrect Authorization vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Privilege Abuse, Authentication Bypass.This issue affects Aybs Interaktif: from 2024 through 28082025.",
    "published": "2025-10-10T13:48:28.078Z",
    "modified": "2025-10-10T13:48:28.078Z",
    "type": "cve",
    "title": "Authorization Bypass in Usta Information Systems' Aybs Interaktif",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0329",
    "id": "CVE-2025-8886",
    "bulletinFamily": "",
    "cwe": [
        "CWE-732",
        "CWE-200",
        "CWE-862",
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "Usta Information Systems Inc. Aybs Interaktif 2024",
    "sourceHref": "",
    "cvss": {
        "score": 6.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Aybs Interaktif",
    "version": "2024",
    "vendor": "Usta Information Systems Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}