CVE-2025-4037

A vulnerability was found in code-projects ATM Banking 1.0. It has been classified as critical. Affected is the function moneyDeposit/moneyWithdraw. The manipulation leads to business logic errors. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
VulDBCNA
4.4 MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
VendorProductVersion
fabianrosatm_banking
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://code-projects.org/
https://github.com/zzzxc643/cve/blob/main/ATM_Banking.md
https://vuldb.com/?ctiid.306402
https://vuldb.com/?id.306402
https://vuldb.com/?submit.559303
https://github.com/zzzxc643/cve/blob/main/ATM_Banking.md