PT-2025-43017 · Mercku · Mercku M6A

Published

2025-10-22

Updated

2025-10-22

CVE-2025-62774

CVSS v3.1

3.1

Low

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mercku M6a versions through 2.1.0

Description The authentication system on Mercku M6a devices generates predictable session tokens based on timestamps, potentially allowing unauthorized access. The affected devices are those running versions through 2.1.0.

Recommendations Update Mercku M6a devices to a version newer than 2.1.0.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-331

Related Identifiers

CVE-2025-62774

Affected Products

Mercku M6A

PT-2025-43017 · Mercku · Mercku M6A

CVE-2025-62774

Weakness Enumeration

Related Identifiers

Affected Products

References · 7