PatchSiren cyber security CVE debrief
CVE-2025-11242 Teknolist Computer Systems Software Publishing Industry and Trade Inc. CVE debrief
A Server-Side Request Forgery (SSRF) vulnerability was discovered in Teknolist Computer Systems Software Publishing Industry and Trade Inc.'s Okulistik product. The issue affects Okulistik through version 21102025. The vulnerability has a CVSS score of 9.8 and is classified as CRITICAL.
- Vendor
- Teknolist Computer Systems Software Publishing Industry and Trade Inc.
- Product
- Okulistik
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-10
- Original CVE updated
- 2026-06-04
- Advisory published
- 2026-02-10
- Advisory updated
- 2026-06-04
Who should care
Administrators and users of Teknolist Computer Systems Software Publishing Industry and Trade Inc.'s Okulistik product should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by a Server-Side Request Forgery (SSRF) issue in Okulistik. This allows an attacker to make unauthorized requests on behalf of the server, potentially leading to sensitive information disclosure or other malicious activities.
Defensive priority
High
Recommended defensive actions
- Apply the latest patch or update for Okulistik to version 21102025 or later.
- Restrict access to sensitive areas of the Okulistik product to prevent unauthorized requests.
- Monitor Okulistik logs for suspicious activity and implement additional security measures as needed.
Evidence notes
The CVE record for CVE-2025-11242 was obtained from the official CVE website [cve-org]. Additional information was obtained from the National Vulnerability Database [nvd].
Official resources
CVE-2025-11242 was published on 2026-02-10T09:16:09.200Z and modified on 2026-06-04T20:16:55.490Z.