CVE-2025-61115

HIGH

ABC Fine Wine & Spirits Android App <v.11.27.5 - Auth Bypass

Title source: llm

Description

ABC Fine Wine & Spirits Android App version v.11.27.5 and before (package name com.cta.abcfinewineandspirits), developed by ABC Liquors, Inc., contains an improper access control vulnerability in its login mechanism. The application does not properly validate user passwords during authentication, allowing attackers to bypass login checks and obtain valid session identifiers. Successful exploitation could result in unauthorized account access, privacy breaches, and misuse of the platform.

References (1)

Core 1

Core References

Various Sources

https://kar1oz.notion.site/ABC-Fine-Wine-Spirits-2629a473ecb2807787e2f2557e504c7d

Scores

CVSS v3 7.5

EPSS 0.0032

EPSS Percentile 23.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-284

Status published

Published Oct 30, 2025

Tracked Since Feb 18, 2026