Skip to main content

Logo Cloud CVE-2025-0606

MEDIUM
Authorization Bypass Through User-Controlled Key (CWE-639)
2025-10-06 iletisim@usom.gov.tr
6.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.0 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jun 06, 2026 - 08:36 vuln.today

DescriptionCVE.org

Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Resource Leak Exposure.

This issue affects Logo Cloud: before 0.67.

AnalysisAI

Authorization bypass in Logo Cloud (all versions before 0.67) allows an authenticated high-privilege user to manipulate user-controlled key parameters to access resources outside their authorization scope via forceful browsing, resulting in high confidentiality impact alongside limited integrity and availability effects. The flaw is a classic Insecure Direct Object Reference (IDOR) pattern (CWE-639) made exploitable over the network without user interaction. No public exploit code exists and the EPSS score sits at 0.05% (17th percentile), indicating very low observed exploitation probability; however, the data-exposure risk for affected deployments warrants prompt patching to version 0.67.

Technical ContextAI

CWE-639 (Authorization Bypass Through User-Controlled Key) is an IDOR subclass in which the application exposes resource identifiers - keys, IDs, or tokens - in client-controlled request parameters and fails to validate that the authenticated user is authorized to access the referenced resource. Logo Cloud, a cloud platform by Turkish enterprise software vendor Logo Software Inc., processes these user-supplied keys without sufficient server-side authorization checks, permitting forceful browsing (systematic enumeration or direct access of resource URLs/IDs) and resource leak exposure (disclosure of data belonging to other accounts or tenants). No CPE string was provided; affected versions are identified solely as Logo Cloud before 0.67, per USOM advisory TR-25-0318. The network-accessible nature (AV:N) indicates the vulnerable endpoint is reachable via standard HTTP/S requests.

Affected ProductsAI

Logo Cloud by Logo Software Inc. in all versions prior to 0.67 is affected. The vulnerability is documented under Turkish USOM advisory TR-25-0318, available at https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0318 and https://www.usom.gov.tr/bildirim/tr-25-0318. No CPE string was included in the source data; affected version boundary (before 0.67) is confirmed by the NVD entry and USOM advisory.

RemediationAI

Upgrade Logo Cloud to version 0.67 or later, which resolves this authorization bypass per USOM advisory TR-25-0318 (https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0318). This is a vendor-released patch with the fix version confirmed by the advisory. If immediate patching is not feasible, restrict network access to the Logo Cloud administrative interface to trusted IP ranges only - this raises the bar for exploitation by limiting who can supply crafted requests, though it does not eliminate the flaw. Additionally, audit high-privilege account activity logs for anomalous patterns of resource enumeration (e.g., sequential ID traversal in access logs), enforce the principle of least privilege to minimize the number of accounts holding high-privilege roles, and rotate credentials for any accounts that may have had access during the vulnerable window. Note: network restriction does not prevent exploitation by an insider or an attacker who has already compromised a high-privilege account.

Share

CVE-2025-0606 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy