Home

Description

Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in CBK Soft Software Hardware Electronic Computer Systems Industry and Trade Inc. EnVision allows Account Footprinting.This issue affects enVision: before 250566.

PUBLISHED Reserved 2025-09-29 | Published 2025-10-24 | Updated 2025-10-28 | Assigner TR-CERT




HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-203 Observable Discrepancy

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-359 Exposure of Private Personal Information to an Unauthorized Actor

Product status

Default status
unaffected

Any version before 250566
affected

Credits

Emre AKTAŞ finder

References

www.usom.gov.tr/bildirim/tr-25-0361

cve.org (CVE-2025-11145)

nvd.nist.gov (CVE-2025-11145)

Download JSON