Authorization Flaw in rymcu Forest Affects Security of Banking API
CVE-2025-12924

5.3MEDIUM

Key Information:

Vendor: Rymcu
Status: Forest
Vendor: CVE Published:; 10 November 2025

🔔 Create Rymcu Vulnerability Alert

What is CVE-2025-12924?

A vulnerability exists in rymcu Forest due to improper authorization controls within the GlobalResult function of the BankController API. This flaw allows an attacker to exploit the system remotely and gain unauthorized access. The rolling release model of the product means version-specific details concerning affected releases are not disclosed, heightening the need for vigilance among users.

Affected Version(s)

forest de53ce79db9faa2efc4e79ce1077a302c42a1224

References

https://vuldb.com/?id.331644

vdb-entrytechnical-description

https://vuldb.com/?ctiid.331644

signaturepermissions-required

https://vuldb.com/?submit.681079

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Nov 9, 2025

Credit

1098024193 (VulDB User)

.

CVE-2025-12924 : Authorization Flaw in rymcu Forest Affects Security of Banking API