Hard-coded Credentials Vulnerability in Logo Software TigerWings ERP
CVE-2025-10609

5.9MEDIUM

Key Information:

Vendor: Logo Software Inc.
Status: Tigerwings Erp
Vendor: CVE Published:; 3 October 2025

🔔 Create Logo Software Inc. Vulnerability Alert

What is CVE-2025-10609?

A hard-coded credentials vulnerability in Logo Software's TigerWings ERP allows unauthorized access to sensitive constants within an executable. This flaw poses a risk to data integrity by enabling attackers to exploit the hard-coded credentials, potentially leading to data leaks and system compromises. The affected versions include all TigerWings ERP releases from 01.01.00 to just before 3.03.00, highlighting the need for users to review their systems for this security risk and implement necessary updates or mitigations.

Affected Version(s)

TigerWings ERP 01.01.00 < 3.03.00

References

https://www.usom.gov.tr/bildirim/tr-25-0313

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2025
Vulnerability Reserved
Sep 17, 2025

Credit

Oguzhan Karasu

JSON