PT-2025-11671 · Elfatek Elektronics · Anka Jpd-00028
Aleksey Usanov
+1
·
Published
2024-11-27
·
Updated
2025-06-27
·
CVE-2024-12137
CVSS v2.0
8.0
High
| Vector | AV:A/AC:L/Au:N/C:P/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Elfatek Elektronics ANKA JPD-00028 versions through 19.03.2025
Description
The issue is related to an authentication bypass by capture-replay vulnerability, which allows session hijacking. The vendor did not inform about the completion of the fixing process within the specified time.
Recommendations
For ANKA JPD-00028 versions through 19.03.2025, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Encryption of Sensitive Data
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Anka Jpd-00028