CVE-2025-13483
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-25
Last updated on: 2025-11-25
Assigner: ICS-CERT
Description
Description
SiRcom SMART Alert (SiSA) allows unauthorized access to backend APIs. This allows an unauthenticated attacker to bypass the login screen using browser developer tools, gaining access to restricted parts of the application.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sircom | sma | 4.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
SiRcom SMART Alert (SiSA) has a vulnerability that allows an unauthenticated attacker to bypass the login screen by using browser developer tools, thereby gaining unauthorized access to backend APIs and restricted parts of the application.
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized access to sensitive or restricted parts of the application without authentication, potentially exposing confidential data or allowing malicious actions within the system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70