Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-40668

Summary
Assigner-INCIBE
Assigner Org ID-0cbda920-cd7f-484a-8e76-bf7f4b7f4516
Published At-09 Jun, 2025 | 12:25
Updated At-09 Jun, 2025 | 13:03
Rejected At-
Credits

Incorrect Authorization vulnerability in TCMAN GIM

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChangePassword%C3%B1a. To exploit the vulnerability the PasswordActual parameter must be empty.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:INCIBE
Assigner Org ID:0cbda920-cd7f-484a-8e76-bf7f4b7f4516
Published At:09 Jun, 2025 | 12:25
Updated At:09 Jun, 2025 | 13:03
Rejected At:
▼CVE Numbering Authority (CNA)
Incorrect Authorization vulnerability in TCMAN GIM

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChangePassword%C3%B1a. To exploit the vulnerability the PasswordActual parameter must be empty.

Affected Products
Vendor
TCMAN
Product
GIM
Default Status
unaffected
Versions
Affected
  • 11
Problem Types
TypeCWE IDDescription
CWECWE-863CWE-863 Incorrect Authorization
Type: CWE
CWE ID: CWE-863
Description: CWE-863 Incorrect Authorization
Metrics
VersionBase scoreBase severityVector
4.07.1HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Version: 4.0
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The vulnerability has been fixed by the TCMAN team. The manufacturer has reported that the vulnerability is not found in the latest version of GIM Web version 20250128.

Configurations
Workarounds
Exploits
Credits
finder
Jorge Riopedre Vega
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-1
N/A
Hyperlink: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-1
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve-coordination@incibe.es
Published At:09 Jun, 2025 | 13:15
Updated At:12 Jun, 2025 | 16:06

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChangePassword%C3%B1a. To exploit the vulnerability the PasswordActual parameter must be empty.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.07.1HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-863Primarycve-coordination@incibe.es
CWE ID: CWE-863
Type: Primary
Source: cve-coordination@incibe.es
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-1cve-coordination@incibe.es
N/A
Hyperlink: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-1
Source: cve-coordination@incibe.es
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

5Records found
CVE-2025-40669
Matching Score-10
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-10
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-7.1||HIGH
EPSS-0.05% / 13.80%
||
7 Day CHG~0.00%
Published-09 Jun, 2025 | 12:26
Updated-12 Jun, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authorization vulnerability in TCMAN GIM

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application's users, including the user himself by sending a POST request to /PC/Options.aspx?Command=2&Page=-1.

Action-Not Available
Vendor-TCMAN
Product-GIM
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-40670
Matching Score-10
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-10
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-7.1||HIGH
EPSS-0.06% / 17.83%
||
7 Day CHG~0.00%
Published-09 Jun, 2025 | 12:26
Updated-12 Jun, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authorization vulnerability in TCMAN GIM

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser.

Action-Not Available
Vendor-TCMAN
Product-GIM
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-40567
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.05% / 14.78%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 15:17
Updated-12 Jun, 2025 | 16:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). The "Load Rollback" functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with "guest" role to make the affected product roll back configuration changes made by privileged users.

Action-Not Available
Vendor-Siemens AG
Product-SCALANCE XR526-8SCALANCE XRM334 (2x230 V AC, 8xFO)SCALANCE XC416-8SCALANCE XCM332SCALANCE XC324-4SCALANCE XR302-32SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+)SCALANCE XRM334 (2x230 V AC, 12xFO)SCALANCE XR322-12SCALANCE XRM334 (230 V AC, 8xFO)SCALANCE XC424-4SCALANCE XCM328SCALANCE XR522-12SCALANCE XRM334 (24 V DC, 12xFO)SCALANCE XC316-8SCALANCE XRH334 (24 V DC, 8xFO, CC)SCALANCE XCH328SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+)SCALANCE XCM324RUGGEDCOM RST2428PSCALANCE XC432SCALANCE XC332SCALANCE XR502-32SCALANCE XC324-4 EECSCALANCE XR326-8 EECSCALANCE XRM334 (230 V AC, 12xFO)SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+)SCALANCE XRM334 (24 V DC, 8xFO)SCALANCE XR326-8
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-55633
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.1||HIGH
EPSS-0.51% / 65.52%
||
7 Day CHG~0.00%
Published-12 Dec, 2024 | 14:36
Updated-12 Feb, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Superset: SQLLab Improper readonly query validation allows unauthorized write access

Improper Authorization vulnerability in Apache Superset. On Postgres analytic databases an attacker with SQLLab access can craft a specially designed SQL DML statement that is Incorrectly identified as a read-only query, enabling its execution. Non postgres analytics database connections and postgres analytics database connections set with a readonly user (advised) are not vulnerable.  This issue affects Apache Superset: before 4.1.0. Users are recommended to upgrade to version 4.1.0, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-supersetApache Superset
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-49376
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.19% / 41.25%
||
7 Day CHG+0.03%
Published-25 Oct, 2024 | 12:50
Updated-14 Nov, 2024 | 22:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Autolab Has Misconfigured Reset Password Permissions

Autolab, a course management service that enables auto-graded programming assignments, has misconfigured reset password permissions in version 3.0.0. For email-based accounts, users with insufficient privileges could reset and theoretically access privileged users' accounts by resetting their passwords. This issue is fixed in version 3.0.1. No known workarounds exist.

Action-Not Available
Vendor-autolabprojectautolab
Product-autolabAutolab
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-863
Incorrect Authorization
Details not found