CVE-2024-13063
📋 TL;DR
This vulnerability allows attackers to bypass authorization controls in Akinsoft MyRezzta by manipulating user-controlled keys, enabling forceful browsing to access restricted functionality. It affects MyRezzta installations from version s2.02.02 up to (but not including) v2.05.01. Users of affected versions are vulnerable to unauthorized access.
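The weakness class described above (authorization decided by a key the client controls, so that changing the key reaches another user's record or a restricted function) is easiest to see side by side with the check that closes it. The following is an added illustration, not MyRezzta code, whose internals are not on this page; the reservation store, the `Forbidden` exception and the session fields are constructed for the example.

```python
"""Authorization bypass through a user-controlled key, and the server-side
ownership check that prevents it. Constructed example; not MyRezzta code."""

# Constructed data store: reservation id -> record with its server-side owner.
RESERVATIONS = {
    101: {"owner": "alice", "details": "room 12, 2 nights"},
    102: {"owner": "bob", "details": "room 3, 1 night"},
}


class Forbidden(Exception):
    """Raised when the caller may not see the requested record."""


def get_reservation_vulnerable(session_user, reservation_id):
    """Weak pattern: the record is fetched by whatever id the client sent and
    the only check is that someone is logged in, so any authenticated user
    can read any reservation simply by changing the id."""
    if session_user is None:
        raise Forbidden("login required")
    return RESERVATIONS[reservation_id]


def get_reservation_fixed(session_user, session_role, reservation_id):
    """Hardened pattern: authorize against the owner stored server-side (or an
    admin role taken from the session), never against a client-supplied value.
    Missing and forbidden records get the same answer so the id space cannot
    be enumerated through differing responses."""
    if session_user is None:
        raise Forbidden("login required")
    record = RESERVATIONS.get(reservation_id)
    if record is None:
        raise Forbidden("not found or not permitted")
    if record["owner"] != session_user and session_role != "admin":
        raise Forbidden("not found or not permitted")
    return record


def can_read(session_user, session_role, reservation_id):
    """Convenience wrapper returning True when the hardened check allows access."""
    try:
        get_reservation_fixed(session_user, session_role, reservation_id)
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    # bob reads alice's reservation through the weak handler...
    print(get_reservation_vulnerable("bob", 101)["owner"])   # alice
    # ...but not through the hardened one.
    print(can_read("bob", "user", 101))                      # False
    print(can_read("alice", "user", 101))                    # True
    print(can_read("root", "admin", 101))                    # True
```

The point for reviewers of any application with this bug class: the fix is a server-side ownership or role check on every record and function lookup, not filtering of the id parameter, and the check belongs in the data-access layer so that a newly added endpoint cannot forget it.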
💻 Affected Systems
- Akinsoft MyRezzta
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain administrative privileges, access sensitive data, modify system configurations, or perform unauthorized actions as privileged users.
Likely Case
Unauthorized access to restricted functionality, data leakage, or privilege escalation within the application.
If Mitigated
Limited impact with proper access controls, monitoring, and network segmentation in place.
🎯 Exploit Status
Exploitation requires understanding of application endpoints and parameter manipulation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v2.05.01
Vendor Advisory: https://www.usom.gov.tr/bildirim/tr-25-0205
Restart Required: No
Instructions:
1. Download MyRezzta v2.05.01 from official vendor sources.
2. Back up the current installation and data.
3. Install the update following vendor documentation.
4. Verify that the update was applied successfully.
🔧 Temporary Workarounds
Network Access Restriction
Restrict access to the MyRezzta application to trusted IP addresses only.
Web Application Firewall Rules
Implement WAF rules to detect and block forceful browsing attempts.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate MyRezzta from untrusted networks.
- Enable detailed logging and monitoring for unauthorized access attempts.
🔍 How to Verify
Check if Vulnerable:
Check the MyRezzta version in the application settings or About dialog. If the version is s2.02.02 or later but earlier than v2.05.01, the system is vulnerable.
Check Version:
Check application interface for version information (no CLI command available).
Verify Fix Applied:
Confirm version is v2.05.01 or later in application settings.
📡 Detection & Monitoring
Log Indicators:
- Unusual access patterns to restricted endpoints
- Failed authorization attempts followed by successful access
- Access to admin functions from non-admin accounts
Network Indicators:
- HTTP requests with manipulated parameters to restricted URLs
- Unusual sequence of page accesses
SIEM Query:
source="myrezzta_logs" AND (url="*/admin/*" OR url="*/restricted/*") AND user!="admin" AND response_code=200
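The two log indicators above that can be checked mechanically (restricted endpoints returning 200 to non-admin accounts, and a denied request followed shortly by a successful one from the same account) are shown here as a small Python detector run over constructed sample lines. This is an added example, not a script from the page's vendor or database; the log line format, the `role=` field and the `/admin/`, `/restricted/` path prefixes are assumptions, since the page does not document MyRezzta's real log format. Unlike the SIEM query above, which keys on `user!="admin"`, the detector generalizes to any account whose role is not admin.

```python
"""Detection logic for the log indicators on this page, run over constructed
sample access-log lines. Added example; not a vendor or database script."""
import re
from datetime import datetime, timedelta

# Constructed sample log lines. The format is an assumption; MyRezzta's real
# log format is not described on this page.
SAMPLE_LOG = """\
2025-03-01T10:00:01Z user=alice role=user GET /reservations/123 200
2025-03-01T10:00:05Z user=alice role=user GET /admin/users 403
2025-03-01T10:00:09Z user=alice role=user GET /admin/users?id=7 200
2025-03-01T10:01:00Z user=root role=admin GET /admin/settings 200
2025-03-01T10:02:30Z user=bob role=user GET /restricted/reports 200
2025-03-01T10:03:00Z user=carol role=user GET /restricted/reports 403
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) role=(?P<role>\S+) "
    r"(?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)
# Path prefixes treated as restricted; mirrors the url="*/admin/*" and
# url="*/restricted/*" terms of the SIEM query above.
RESTRICTED_RE = re.compile(r"^/(admin|restricted)/")


def parse_log(text):
    """Parse log lines into dicts sorted by timestamp; unparseable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        ev["status"] = int(ev["status"])
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def find_restricted_access_by_non_admin(events):
    """Indicator: restricted endpoint served (200) to an account whose role is not admin."""
    return [
        ev for ev in events
        if RESTRICTED_RE.match(ev["url"]) and ev["status"] == 200 and ev["role"] != "admin"
    ]


def find_denied_then_allowed(events, window=timedelta(seconds=60)):
    """Indicator: a 403 on a restricted path followed, within `window`, by a 200
    on a restricted path from the same account (the 'failed authorization
    followed by successful access' pattern)."""
    last_denied = {}
    findings = []
    for ev in events:
        if not RESTRICTED_RE.match(ev["url"]):
            continue
        if ev["status"] == 403:
            last_denied[ev["user"]] = ev
        elif ev["status"] == 200 and ev["user"] in last_denied:
            denied = last_denied.pop(ev["user"])
            if ev["ts"] - denied["ts"] <= window:
                findings.append({
                    "user": ev["user"],
                    "denied_url": denied["url"],
                    "allowed_url": ev["url"],
                    "seconds_apart": (ev["ts"] - denied["ts"]).total_seconds(),
                })
    return findings


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for hit in find_restricted_access_by_non_admin(evs):
        print("non-admin reached restricted endpoint:", hit["user"], hit["url"])
    for hit in find_denied_then_allowed(evs):
        print("denied-then-allowed:", hit)
```

On the sample data the first detector flags alice and bob; the second flags only alice, whose 403 on `/admin/users` is followed four seconds later by a 200 on `/admin/users?id=7`. Carol's lone 403 is not reported, which is the intended behaviour: a single denied request is normal, the denied-then-allowed sequence is what suggests a parameter was changed until the check was bypassed.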