CVE-2025-41086

Name of the Vulnerable Software and Affected Versions GAMS (affected versions not specified)

Description A flaw exists in the access control system of the GAMS licensing system that permits the creation of an unlimited number of valid licenses, circumventing usage limitations. The system employs an insecure checksum algorithm. An attacker, by understanding this algorithm and the license line format, can recalculate the checksum and forge a valid license. This grants the attacker full privileges without requiring credentials or access to the source code, enabling unrestricted access to GAMS’s mathematical models and commercial solvers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.