CVE-2025-10161
Deferred Deferred - Pending Action
BaseFortify

Publication date: 2025-11-11

Last updated on: 2026-06-05

Assigner: Computer Emergency Response Team of the Republic of Turkey

Description
Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Technologies Inc. Perfektive allows Brute Force, Authentication Bypass, Functionality Bypass. This issue affects Perfektive: before Version: 12574 Build: 2701.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-11
Last Modified
2026-06-05
Generated
2026-06-16
AI Q&A
2025-11-11
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10161
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
turkguven_software_technologies_inc. perfektive *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-602 The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
CWE-807 The product uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
CWE-307 The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in Turkguven Software Technologies Inc. Perfektive involves improper restriction of excessive authentication attempts, client-side enforcement of server-side security, and reliance on untrusted inputs in security decisions. It allows attackers to perform brute force attacks, bypass authentication, and bypass functionality in affected versions before 12574 Build 2701.

Impact Analysis

The vulnerability can lead to unauthorized access through brute force or authentication bypass, potentially allowing attackers to access sensitive information, disrupt functionality, or compromise system integrity.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10161. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart