Nebim Neyir Computer Industry CVE-2025-13506
HIGHSeverity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database.
This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1.
AnalysisAI
Privilege escalation in Nebim V3 ERP versions 2.0.59 through 3.0.0 lets an authenticated database-level attacker pivot from SQL access to operating-system control because the application stack executes with unnecessary privileges (CWE-250). Reported through Turkey's USOM/CERT-TR (advisory TR-25-0450), the issue carries CVSS 8.8 (AV:N/AC:L/PR:L/UI:N/C:H/I:H/A:H), and there is no public exploit identified at time of analysis, with EPSS at 0.09% (26th percentile).
Same weakness CWE-250 – Execution with Unnecessary Privileges
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today