Denial-of-Service Vulnerability in Authentication Systems by a Major Vendor
CVE-2025-53968

7.5HIGH

Key Information:

Vendor: Evmapa
Status: Evmapa
Vendor: CVE Published:; 22 January 2026

What is CVE-2025-53968?

This vulnerability allows attackers to exploit a lack of restrictions on the number of authentication attempts, enabling them to send repeated login requests. This can cause a denial-of-service condition, overwhelming the system and rendering it inaccessible to legitimate users. By exploiting this misconfiguration, attackers may also leverage brute-force techniques to gain unauthorized access, compromising the integrity and availability of the service. Ensure proper mitigation techniques are in place to safeguard against such attacks.

Affected Version(s)

EVMAPA All versions

References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-0...

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 22, 2026
Vulnerability Reserved
Aug 20, 2025

Credit

Khaled Sarieddine and Mohammad Ali Sayed reported these vulnerabilities to CISA

CVE-2025-53968 Data

JSON

Evmapa

What is CVE-2025-53968?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit