Authorization Bypass Vulnerability in Turpak Automatic Station Monitoring System
CVE-2025-4040

7.1HIGH

Key Information:

Vendor: Turpak
Status: Automatic Station Monitoring System
Vendor: CVE Published:; 21 July 2025

What is CVE-2025-4040?

A vulnerability has been identified in the Turpak Automatic Station Monitoring System that allows an authorization bypass through a user-controlled key. This issue could potentially lead to privilege escalation, enabling unauthorized users to gain higher access rights than intended. The vulnerability affects versions prior to 5.0.6.51, and it is crucial for users to update their systems to mitigate the risk.

Affected Version(s)

Automatic Station Monitoring System 0 < 5.0.6.51

References

https://www.usom.gov.tr/bildirim/tr-25-0165

third-party-advisory

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2025
Vulnerability Reserved
Apr 28, 2025

Credit

Burak AKSU

Secure Future Inc.