CNNVD-202509-4005 Information

CNNVD ID

CNNVD-202509-4005

Related CVE

CVE-2025-10941

• CNNVD Published: 2025-09-25

Description (Chinese)

Topaz SERVCore Teller是巴西Topaz公司的一个银行服务软件。 Topaz SERVCore Teller 2.14.0-RC2版本和2.14.1版本存在授权问题漏洞，该漏洞源于文件SERVCoreTeller_2.0.40D.msi存在权限问题，可能导致本地攻击。

Description (English)

Topaz ServCore Teller is a banking service software for Topaz, Brazil. Topaz SerVCore Teller, version 2.14.0-RC2 and version 2.14.1 have a mandate gap, which stems from the power issue in document SERVCore Teller 2.0.40D.msi, which may lead to local attacks.

Hazard Level

Medium

Vulnerability Type

授权问题

Affected Vendor

Topaz

Published

2025-09-25

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/securityadvisories/Security-Advisories/refs/heads/main/Advisories/Blaze%20Information%20Security%20-%20Local%20Privilege%20Escalation%20via%20Insecure%20Directory%20Permissions%20in%20SERVCore%20Teller%20Installer.txt https://vuldb.com/?id.325811 https://vuldb.com/?submit.651434 https://vuldb.com/?ctiid.325811