SQL Injection Vulnerability in Ergosis Security Systems' ZEUS PDKS Software
CVE-2025-7636

8.8 HIGH

What is CVE-2025-7636?

The ZEUS PDKS software from Ergosis Security Systems contains a SQL Injection vulnerability. The software improperly handles special elements in SQL commands, which malicious actors can exploit, potentially leading to unauthorized access to sensitive database information. The affected versions include those prior to 1.0.5.10 and those ranging from 1.0.5.10 to 10022026. As the vendor has not responded to notifications regarding this issue, all users are urged to review system security and consider updating to mitigate such risks.

Affected Version(s)

ZEUS PDKS <1.0.5.10 <= 10022026

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ali KAZAR