PatchSiren cyber security CVE debrief
CVE-2025-7347 Dinibh Puzzle Software Solutions CVE debrief
CVE-2025-7347 is an Authorization Bypass Through User-Controlled Key vulnerability in Dinibh Puzzle Software Solutions Dinibh Patrol Tracking System. This issue allows for Exploitation of Trusted Identifiers and affects the system through version 10022026. The vendor, Dinibh Puzzle Software Solutions, was contacted early about this disclosure but did not respond.
- Vendor
- Dinibh Puzzle Software Solutions
- Product
- Dinibh Patrol Tracking System
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-10
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-02-10
- Advisory updated
- 2026-06-05
Who should care
Users of Dinibh Patrol Tracking System through version 10022026 should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability has a CVSS score of 8.8 and is classified as HIGH severity. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The weakness associated with this vulnerability is CWE-639.
Defensive priority
HIGH
Recommended defensive actions
- Users should update Dinibh Patrol Tracking System to a version beyond 10022026 if available.
- In the absence of an update, users should implement additional security measures to restrict access and monitor for suspicious activity.
Evidence notes
The CVE record was published on 2026-02-10T15:16:05.253Z and last modified on 2026-06-05T15:16:43.997Z. The vendor was contacted but did not respond.
Official resources
CVE-2025-7347 was published on 2026-02-10T15:16:05.253Z and last modified on 2026-06-05T15:16:43.997Z.