Privilege escalation in Comarch Erp Optima
CVE-2025-68420
Comarch ERP Optima client connects to a database using a high privileged account regardless of an application account to which a user logs in. It is possible for a local attacker who controls the client process to dump it's memory, extract…
EPSS: 0.000 (5.0th percentile) — read the EPSS interpretation.
Affected products
- Comarch Erp Optima — versions 0
Weakness classification (CWE)
References
- cvd@cert.pl (product)
- cvd@cert.pl (third-party-advisory)