← back
CVE-2025-4320

Information Disclosure in Birebirsoft's Sufirmam

CVSS 10 CRITICALEPSS 0.5%CWE-305CWE-640
Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation. This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Birebirsoft Software and Technology Solutions · Sufirmam

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0005https://www.usom.gov.tr/bildirim/tr-26-0005