CVE-2025-10643

Name of the Vulnerable Software and Affected Versions Wondershare Repairit version 6.5.2 Wondershare Repairit (affected versions not specified)

Description The software contains an authentication bypass issue stemming from incorrect permission assignments within a storage account token. This allows remote attackers to bypass authentication without needing to log in. The flaw enables attackers to access the system by exploiting the permissions associated with the token. Multiple reports indicate the potential for supply chain risks, including the ability to swap AI models. No estimated number of affected devices or real-world incidents beyond the discovery of the flaw have been reported.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.