CVE 9.8 CRITICAL

Improper Access Control in Dinosoft Business Solutions’ Dinosoft ERP_CVE-2025-8025

February 11, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dinosoft ERP: from < 3.0.1 through 11022026.

NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Improper Access Control vulnerability allowing unauthorized access to functionality in Dinosoft ERP

Basic Information

ID CVE-2025-8025

Source TR-CERT

Published Feb 11, 2026 at 12:19

Affected Product

Vendor Dinosoft Business Solutions

Product Dinosoft ERP

Version < 3.0.1

Affected Versions Dinosoft Business Solutions Dinosoft ERP < 3.0.1

CWE Classification

CWE-306 CWE-284

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Dinosoft Business Solutions

Product Dinosoft ERP

Version < 3.0.1

References

www.usom.gov.tr /bildirim/tr-26-0059

{
    "lastseen": "",
    "description": "Missing Authentication for Critical Function, Improper Access Control vulnerability in Dinosoft Business Solutions Dinosoft ERP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Dinosoft ERP: from < 3.0.1 through 11022026.\n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-02-11T12:19:11.012Z",
    "modified": "2026-02-11T12:19:11.012Z",
    "type": "cve",
    "title": "Improper Access Control in Dinosoft Business Solutions' Dinosoft ERP",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-26-0059",
    "id": "CVE-2025-8025",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "Dinosoft Business Solutions Dinosoft ERP < 3.0.1",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Dinosoft ERP",
    "version": "< 3.0.1",
    "vendor": "Dinosoft Business Solutions",
    "ai_description": "Improper Access Control vulnerability allowing unauthorized access to functionality in Dinosoft ERP",
    "ai_severity": "Critical",
    "ai_vendor": "Dinosoft Business Solutions",
    "ai_product": "Dinosoft ERP",
    "ai_version": "< 3.0.1",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply