CVE-2025-69614
Activation Token Reuse Enables Account Takeover in Telekom Portal
Publication date: 2026-03-10
Last updated on: 2026-03-10
Assigner: MITRE
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deutsche_telekom | telekom_account_management_portal | up to 2025-10-27; fixed in 2025-10-31 (not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-640 | The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-69614 is a critical vulnerability in the Deutsche Telekom Account Management Portal: an incorrect access control issue in which activation tokens could be reused on the password-reset endpoint.
The flaw allows previously issued or unbound activation tokens to be replayed by unauthorized attackers, who can then reset the passwords of targeted accounts without permission.
Because the token validation does not tie a token to a single account and a single use, exploiting it results in full account takeover (ATO).
It affected all versions of the portal before 2025-10-27 and was fixed on 2025-10-31.
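As an added illustration of the weakness class named above (CWE-640, a reset or activation token that is checked for existence but not bound to an account or to a single use), not code from the Telekom portal: the weak token store beside a hardened one that stores tokens hashed, binds each to the account it was issued for, expires it and deletes it on first use. The class and function names, the 15-minute lifetime and the sample account ids are assumptions.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime, not a value from the advisory

class UnboundTokenStore:
    # Weak pattern (CWE-640): the token is only checked for existence; it is
    # never tied to the account it was issued for and never invalidated.
    def __init__(self, now=time.time):
        self._valid = set()

    def issue(self, account_id):
        token = secrets.token_urlsafe(32)
        self._valid.add(token)
        return token

    def consume(self, token, account_id):
        return token in self._valid  # any account, any number of times

class BoundTokenStore:
    # Hardened pattern: stored hashed, bound to one account, time-limited,
    # and deleted on first use so it cannot be replayed.
    def __init__(self, now=time.time):
        self._now = now
        self._pending = {}  # sha256(token) -> (account_id, expires_at)

    def issue(self, account_id):
        token = secrets.token_urlsafe(32)
        self._pending[_digest(token)] = (account_id, self._now() + TOKEN_TTL_SECONDS)
        return token

    def consume(self, token, account_id):
        entry = self._pending.pop(_digest(token), None)  # single-use: gone after one try
        if entry is None:
            return False
        issued_for, expires_at = entry
        if self._now() > expires_at:
            return False
        return hmac.compare_digest(issued_for, account_id)  # must match issuing account

def _digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

def probe(store_cls, now=time.time):
    # Issue a token for "victim", use it once, then try a replay and a cross-account use.
    store = store_cls(now)
    token = store.issue("victim")
    first, replay = store.consume(token, "victim"), store.consume(token, "victim")
    cross = store.consume(store.issue("victim"), "other-user")
    return first, replay, cross
```

`probe` returns (first use accepted, replay accepted, cross-account use accepted); the weak store answers True to all three, the bound store only to the first.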
How can this vulnerability impact me?
This vulnerability can have severe impacts as it allows unauthorized attackers to reset passwords and take full control over user accounts.
An attacker exploiting this flaw can gain access to sensitive personal or organizational data stored within the compromised accounts.
Full account takeover can lead to identity theft, unauthorized transactions, data breaches, and further exploitation within the affected system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is an incorrect access control issue: activation tokens can be reused on the password-reset endpoint, allowing unauthorized password resets and full account takeover.
The immediate mitigation is to update the Deutsche Telekom AG Telekom Account Management Portal to version 2025-10-31 or later, where the issue has been fixed.
Until the update can be applied, restrict access to the password-reset endpoint and monitor for suspicious password-reset activity (such as repeated use of the same token or resets against accounts that did not request one) to reduce risk.