CVE-2024-12137

HIGH 7.6

Authentication Bypass in Elfatek Elektronics' ANKA JPD-00028

CVSS Score

7.6

EPSS Score

0.0%

EPSS Percentile

4th

Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking. This issue affects ANKA JPD-00028: before V.01.01.

CWE	CWE-294
Vendor	elfatek elektronics
Product	anka jpd-00028
Published	Mar 19, 2025
Last Updated	Jun 1, 2026

Stay Ahead of the Next One

Get instant alerts for elfatek elektronics anka jpd-00028

Be the first to know when new high vulnerabilities affecting elfatek elektronics anka jpd-00028 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

High

Affected Versions

Elfatek Elektronics / ANKA JPD-00028

0 < V.01.01

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-25-0071 siberguvenlik.gov.tr: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0071

Credits

Aleksey USANOV Positive Technologies