PT-2025-48047 · Sircom · Sircom Smart Alert
Souvik Kandar
·
Published
2025-11-25
·
Updated
2025-11-25
·
CVE-2025-13483
CVSS v4.0
8.8
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
SiRcom SMART Alert (SiSA) (affected versions not specified)
Description
The SiRcom SMART Alert (SiSA) application permits unauthorized access to backend APIs. An unauthenticated attacker can circumvent the login process by utilizing browser developer tools, thereby gaining access to restricted application areas. The affected APIs allow bypassing the login screen.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sircom Smart Alert