CVE-2025-4319 | THREATINT

Description

Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED Reserved 2025-05-05 | Published 2026-01-23 | Updated 2026-01-23 | Assigner TR-CERT

CRITICAL: 9.4CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

Problem types

CWE-307 Improper Restriction of Excessive Authentication Attempts

CWE-640 Weak Password Recovery Mechanism for Forgotten Password

Product status

Default status

affected

Any version

affected

Credits

Hüseyin ÜZÜM finder

References

www.usom.gov.tr/bildirim/tr-26-0005

cve.org (CVE-2025-4319)

nvd.nist.gov (CVE-2025-4319)

Download JSON