CVE-2025-15023: Yordam Library System Authorization Flaw
The National Vulnerability Database has disclosed CVE-2025-15023, an Incorrect Authorization vulnerability impacting Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc.’s Library Automation System. This flaw, rated with a high CVSS v3.1 score of 8.8, allows attackers to exploit incorrectly configured access control security levels.
Specifically, the vulnerability affects versions 19.5 through 22.0 of the Library Automation System. Attackers can leverage this weakness (CWE-863, Incorrect Authorization) to gain unauthorized access or manipulate data, posing a significant risk to the integrity and confidentiality of library systems.
For defenders, this means a direct path for unauthorized access into critical data management systems. The attacker’s calculus here is straightforward: find a vulnerable Yordam system, exploit the access control flaw, and then move laterally or exfiltrate sensitive patron and collection data. This isn’t theoretical; misconfigured access controls are a top attack vector.
What This Means For You
- If your organization utilizes the Yordam Library Automation System, check your deployed version immediately. Any deployment running a version from v.19.5 up to, but not including, v.22.1 is vulnerable. Prioritize patching to version 22.1 or later to mitigate this critical authorization bypass.
🛡️ Detection Rules
```yaml
# The title contains ': ', so it must be quoted to be valid YAML.
title: 'CVE-2025-15023: Yordam Library System Authorization Flaw - Unauthenticated Access Attempt'
id: scw-2026-05-14-ai-1
status: experimental
level: critical
description: |
    This rule detects attempts to access administrative sections of the Yordam Library System without proper authentication, which is indicative of exploitation of CVE-2025-15023. The vulnerability allows bypassing access controls, enabling unauthorized users to potentially access sensitive administrative functions.
author: SCW Feed Engine (AI-generated)
date: 2026-05-14
references:
    - https://shimiscyberworld.com/posts/nvd-CVE-2025-15023/
tags:
    - attack.initial_access
    - attack.t1190
logsource:
    category: webserver
detection:
    selection:
        # A successful GET under the admin path. Note that this selection alone
        # cannot tell an unauthenticated request from a logged-in administrator;
        # correlate with the server's user field (e.g. W3C cs-username) where logged.
        cs-uri|contains:
            - '/YordamLib/Admin/'
        cs-method:
            - 'GET'
        sc-status:
            - 200
    condition: selection
falsepositives:
    - Legitimate administrative activity
```
Source: Shimi's Cyber World
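To see what the selection above actually matches, here is an added Python example (not code from the original post or from Yordam) that applies the rule's three conditions to W3C-style web server log lines; it goes one step beyond the rule by also reading the standard W3C cs-username field, because a 200 on the admin path alone cannot distinguish an unauthenticated request from a logged-in librarian. The log lines, the paths under /YordamLib/Admin/, the IP addresses and the usernames are all constructed.

```python
from dataclasses import dataclass

# Constructed sample in W3C extended log format; the '#Fields:' header names the
# columns. Field names follow the Sigma rule on this page (cs-uri, cs-method,
# sc-status); cs-username is a standard W3C field, '-' when no user was logged.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri sc-status cs-username
2026-05-14 21:20:01 203.0.113.10 GET /YordamLib/Admin/users 200 -
2026-05-14 21:20:05 203.0.113.10 GET /YordamLib/Admin/settings 302 -
2026-05-14 21:21:00 198.51.100.7 GET /YordamLib/Admin/users 200 librarian
2026-05-14 21:21:30 198.51.100.7 POST /YordamLib/Admin/users 200 librarian
2026-05-14 21:22:00 203.0.113.10 GET /YordamLib/Catalog/search 200 -
"""

# The Sigma selection from the rule above: admin path, GET method, HTTP 200.
ADMIN_PATH = "/YordamLib/Admin/"
METHODS = {"GET"}
STATUSES = {"200"}

@dataclass
class Hit:
    client_ip: str
    uri: str
    username: str  # '-' means the server logged no authenticated user

def parse_w3c(text):
    """Yield one dict per log entry, keyed by the most recent '#Fields:' line."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            values = line.split()
            if fields and len(values) == len(fields):
                yield dict(zip(fields, values))

def match_rule(text: str) -> list:
    """Entries matching the Sigma selection, in log order."""
    hits = []
    for e in parse_w3c(text):
        if ADMIN_PATH in e["cs-uri"] and e["cs-method"] in METHODS and e["sc-status"] in STATUSES:
            hits.append(Hit(e["c-ip"], e["cs-uri"], e.get("cs-username", "-")))
    return hits

def unauthenticated_hits(text: str) -> list:
    """Narrow the matches to requests with no logged username: the selection alone
    also fires on a logged-in librarian, which is the rule's own listed false positive."""
    return [h for h in match_rule(text) if h.username == "-"]
```

On the constructed sample the raw selection fires twice (once on the librarian's legitimate session), while the username-filtered view leaves the single anonymous request that is worth an analyst's attention.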
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2025-15023 | Auth Bypass | Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System |
| CVE-2025-15023 | Auth Bypass | Library Automation System versions from v.19.5 before v.22.1 |
| CVE-2025-15023 | Auth Bypass | Incorrectly Configured Access Control Security Levels |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 14, 2026 at 21:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.