Incorrect Permission Assignment and Exposure of Sensitive Information in Aybs Interaktif by Usta Information Systems Inc.
CVE-2025-8886

6.7MEDIUM

Key Information:

Vendor

Usta Information Systems Inc.

Status
Aybs Interaktif
Vendor
CVE Published:
10 October 2025

What is CVE-2025-8886?

The Aybs Interaktif product by Usta Information Systems Inc. exhibits vulnerabilities that allow unauthorized access to critical resources due to incorrect permission assignments. This flaw permits sensitive information exposure and enables privilege abuse along with authentication bypass, potentially compromising user data integrity from early 2024 until late August 2025.

Affected Version(s)

Aybs Interaktif 2024 <= 28082025

References

https://www.usom.gov.tr/bildirim/tr-25-0329

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Can Nesimi ARI
JSON
.
CVE-2025-8886 : Incorrect Permission Assignment and Exposure of Sensitive Information in Aybs Interaktif by Usta Information Systems Inc.