Skip to main content

Library Automation System CVE-2025-15024

| EUVD-2025-209859 HIGH
Code Injection (CWE-94)
2026-05-14 iletisim@usom.gov.tr GHSA-f6gp-pqfj-wc55
RCE Code Injection
8.8
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
May 14, 2026 - 18:30 vuln.today
CVE Published
May 14, 2026 - 18:16 nvd
HIGH 8.8

DescriptionNVD

Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion.

This issue affects Library Automation System: from v.19.5 before v.22.1.

AnalysisAI

Remote code inclusion in Yordam Library Automation System versions 19.5 through 22.0 allows unauthenticated attackers to execute arbitrary code with high integrity and confidentiality impact via user interaction. The vulnerability was reported by Turkey's National Cyber Security Directorate (USOM), indicating potential targeting of Turkish government or educational institutions using this library management software. With network-accessible attack vector and low complexity (CVSS AV:N/AC:L), this represents a significant risk to organizations running unpatched versions despite requiring user interaction (UI:R).

Technical ContextAI

This code injection vulnerability (CWE-94) affects Yordam Information Technology's proprietary library management software used primarily in Turkish academic and government institutions. The flaw allows remote code inclusion, a specific variant of code injection where attackers inject references to external malicious code that the application then executes. Unlike local code injection, remote code inclusion typically exploits inadequate input validation in file inclusion functions or dynamic code evaluation features, enabling attackers to reference and execute code hosted on attacker-controlled servers. The CVSS vector indicates network-based exploitation with low attack complexity, suggesting the vulnerable code paths may be in web-facing components handling user-supplied input without proper sanitization or safe coding practices.

RemediationAI

Upgrade to Yordam Library Automation System version 22.1 or later, as confirmed by Turkey's National Cyber Security Directorate advisory at https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0240. If immediate patching is not feasible, implement compensating controls including: restrict network access to the library system's web interface to trusted IP ranges only via firewall rules (noting this may impact legitimate remote users); enable web application firewall (WAF) rules to detect and block remote file inclusion attempts through monitoring for external URL references in input parameters (with potential for false positives in legitimate file upload workflows); conduct user awareness training to recognize social engineering attempts that might trigger the vulnerability; and monitor application logs for suspicious file inclusion attempts or unexpected external resource requests. These mitigations provide defense-in-depth but cannot fully eliminate risk - version upgrade to 22.1 remains the definitive remediation.

Share

CVE-2025-15024 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy