PatchSiren cyber security CVE debrief
CVE-2025-7016 Akın Software Computer Import Export Industry and Trade Ltd. CVE debrief
CVE-2025-7016 is a HIGH severity vulnerability (CVSS Score: 8) in Akın Software Computer Import Export Industry and Trade Ltd.'s QR Menu, affecting versions before s1.05.12. This Improper Access Control issue allows for Authentication Abuse. The CVE was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2025-7016) and last modified on [cveModifiedAt](https://nvd.nist.gov/vuln/detail/CVE-2025-7016).
- Vendor
- Akın Software Computer Import Export Industry and Trade Ltd.
- Product
- QR Menu
- CVSS
- HIGH 8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-01-29
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-01-29
- Advisory updated
- 2026-06-05
Who should care
Users of Akın Software Computer Import Export Industry and Trade Ltd.'s QR Menu, especially those using versions before s1.05.12, should apply the necessary updates or mitigations to prevent Authentication Abuse.
Technical summary
The vulnerability, identified as CWE-284 (Improper Access Control), affects QR Menu versions before s1.05.12. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H, indicating a HIGH severity level.
Defensive priority
HIGH
Recommended defensive actions
- Update QR Menu to version s1.05.12 or later.
- Refer to [ref-4](https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0006) and [ref-5](https://www.usom.gov.tr/bildirim/tr-26-0006) for additional information and potential mitigations.
Evidence notes
The CVE-2025-7016 record and NVD details provide comprehensive information about this vulnerability.
Official resources
-
CVE-2025-7016 CVE record
CVE.org
-
CVE-2025-7016 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
-
Mitigation or vendor reference
[email protected] - Third Party Advisory
CVE-2025-7016 was published on 2026-01-29T12:16:30.213Z and last modified on 2026-06-05T15:16:43.743Z.