PT-2026-42761 · Syslink Software Ag+1 · Avantra

Vicxer Inc

·

Published

2026-05-22

·

Updated

2026-06-02

·

CVE-2026-8670

CVSS v3.1

9.6

Critical

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.1
Description Insufficient session expiration in syslink software AG Avantra on Linux and Windows allows for the reuse of session IDs, a technique known as Session Replay, where an attacker captures and reuse a valid session token to gain unauthorized access.
Recommendations Update to version 25.3.1.

Fix

Insufficient Session Expiration

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-8670

Affected Products

Avantra