CVSS 10.0CVSS 10.0 · CRITICAL
CVE-2025-4320
Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation. This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Ver en NVDSeveridad
Puntaje: 10.0(CRITICAL)
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HAV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: CHANGED
C: HIGH
I: HIGH
A: HIGH
Tipo de falla (CWE):
CWE-305CWE-640EPSS
Probabilidad de explotación (próx. 30 días): 0.0004 (0.0%)
Percentil: 11.6%
EPSS: 2026-06-05
Descripción técnica
Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation. This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Publicada: 23/1/2026, 13:15:49
Última modificación: 5/6/2026, 16:16:32