Authentication Bypass Vulnerability in E-Kent Pallium Vehicle Tracking
CVE-2024-9334

8.2HIGH

Key Information:

Vendor: E-kent
Status: Pallium Vehicle Tracking
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability exists in E-Kent Pallium Vehicle Tracking due to the use of hard-coded credentials and the storage of sensitive data without appropriate access controls. This flaw enables an attacker to bypass authentication mechanisms, thereby compromising the security of sensitive vehicle tracking information. Users are advised to update their systems to the latest versions to mitigate these security risks.

Affected Version(s)

Pallium Vehicle Tracking 0 < 17.10.2024

References

https://www.usom.gov.tr/bildirim/tr-25-0044

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Sep 30, 2024

Credit

Mustafa Anil YILDIRIM