Improper Access Control in Dinosoft Business Solutions ERP
CVE-2025-8025

9.8CRITICAL

Key Information:

Vendor: Dinosoft Business Solutions
Status: Dinosoft Erp
Vendor: CVE Published:; 11 February 2026

🔔 Create Dinosoft Business Solutions Vulnerability Alert

What is CVE-2025-8025?

The Dinosoft ERP system from Dinosoft Business Solutions is affected by a vulnerability that permits unauthorized access to essential functionalities due to inadequately enforced access control lists (ACLs). This flaw enables users to perform actions they should not have permissions for, leading to potential data breaches and unauthorized manipulation of sensitive functions. Security measures to ensure proper authentication have not been implemented, allowing exploitation of this issue across versions prior to 3.0.1 and including version 11022026. The vendor has not responded to notifications regarding this vulnerability.

Affected Version(s)

Dinosoft ERP < 3.0.1 <= 11022026

References

https://www.usom.gov.tr/bildirim/tr-26-0059

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Jul 22, 2025

Credit

Mustafa GÜNEL

CVE-2025-8025 Data

JSON