{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1618", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2026-01-29T13:54:58.022Z", "datePublished": "2026-02-13T13:14:45.785Z", "dateUpdated": "2026-02-13T17:00:30.361Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FlexCity/Kiosk", "vendor": "Universal Software Inc.", "versions": [{"lessThan": "1.0.36", "status": "affected", "version": "1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "\u0130brahim Y\u0130\u011e\u0130TSOY"}], "datePublic": "2026-02-13T13:12:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.<p>This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.</p>"}], "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2026-02-13T13:14:45.785Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.usom.gov.tr/bildirim/tr-26-0065"}], "source": {"advisory": "TR-26-0065", "defect": ["TR-26-0065"], "discovery": "UNKNOWN"}, "title": "Admin Account Takeover in Universal Sotware's FlexCity/Kiosk", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-13T17:00:20.272336Z", "id": "CVE-2026-1618", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-13T17:00:30.361Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1618", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2026-01-29T13:54:58.022Z", "datePublished": "2026-02-13T13:14:45.785Z", "dateUpdated": "2026-02-13T17:00:30.361Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "FlexCity/Kiosk", "vendor": "Universal Software Inc.", "versions": [{"lessThan": "1.0.36", "status": "affected", "version": "1.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "\u0130brahim Y\u0130\u011e\u0130TSOY"}], "datePublic": "2026-02-13T13:12:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.<p>This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.</p>"}], "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2026-02-13T13:14:45.785Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.usom.gov.tr/bildirim/tr-26-0065"}], "source": {"advisory": "TR-26-0065", "defect": ["TR-26-0065"], "discovery": "UNKNOWN"}, "title": "Admin Account Takeover in Universal Sotware's FlexCity/Kiosk", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1618", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-13T17:00:20.272336Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-13T17:00:26.617Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:uni-yaz:flexcity:*:*:*:*:*:*:*:*", "matchCriteriaId": "1622F35A-B519-4678-B1C5-43548BCA9A78", "versionEndExcluding": "1.0.36", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n usando una ruta o canal alternativo en Universal Software Inc. FlexCity/Kiosk permite la escalada de privilegios. Este problema afecta a FlexCity/Kiosk: desde 1.0 antes de 1.0.36."}], "id": "CVE-2026-1618", "lastModified": "2026-03-02T13:38:12.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "iletisim@usom.gov.tr", "type": "Primary"}]}, "published": "2026-02-13T14:16:09.910", "references": [{"source": "iletisim@usom.gov.tr", "tags": ["Third Party Advisory"], "url": "https://www.usom.gov.tr/bildirim/tr-26-0065"}], "sourceIdentifier": "iletisim@usom.gov.tr", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-288"}], "source": "iletisim@usom.gov.tr", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,1.0.36)"}}], "product": "flexcity/kiosk", "vendor": "universal_software_inc."}], "analysis": {"en": {"generated_at": "2026-04-18T18:07:56.514223+00:00", "value": {"mitigation_remediation": ["Update FlexCity/Kiosk to version 1.0.36 or later to eliminate the authentication bypass.", "Review and disable any unused alternate authentication paths or channels defined in the configuration to prevent future bypass attempts.", "Enforce strong, multi\u2011factor authentication for all administrative accounts and monitor login logs for anomalous activities."], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Versi\u00f3n 1.0 up to but not including 1.0.36 of FlexCity/Kiosk is affected. Deployments running any of these versions are susceptible to the authentication bypass, according to the vendor\u2019s notice.", "description_and_impact": "Universal Software Inc. FlexCity/Kiosk contains an authentication bypass that permits an attacker to gain administrator access, effectively a privilege escalation. The vulnerability is classified as CWE-288, Improper Authentication, and the description indicates the attacker can bypass standard login procedures via an alternate path or channel. The description does not specify additional consequences beyond the elevated privileges.", "risk_and_exploitability": "The CVSS score is 8.8, indicating a High severity rating. The EPSS score is listed as less than 1%, implying a very low probability of exploitation at the time of this assessment. The vulnerability is not currently listed in CISA\u2019s KEV catalog. The likely attack path involves using an alternate authentication route that bypasses the standard login, requiring only access to the application and no privileged credentials."}}}}, "created": "2026-02-13T21:28:40.190991+00:00", "updated": "2026-04-18T18:15:06.600180+00:00", "vendors": ["universal_software_inc.", "universal_software_inc.$PRODUCT$flexcity/kiosk"]}