CVE-2025-41012 – Unauthorized access vulnerability in TCMAN GIM

CVE ID : CVE-2025-41012

Published : Dec. 2, 2025, 1:15 p.m. | 1 hour, 10 minutes ago

Description : Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the ‘pda:userId’ and ‘pda:newPassword’ parameters with ‘soapaction UnlockUser’ in ‘/WS/PDAWebService.asmx’.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…