Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.
Published: 2026-02-13
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

Universal Software Inc. FlexCity/Kiosk contains an authentication bypass that permits an attacker to gain administrator access, effectively a privilege escalation. The vulnerability is classified as CWE-288, Improper Authentication, and the description indicates the attacker can bypass standard login procedures via an alternate path or channel. The description does not specify additional consequences beyond the elevated privileges.

Affected Systems

Versión 1.0 up to but not including 1.0.36 of FlexCity/Kiosk is affected. Deployments running any of these versions are susceptible to the authentication bypass, according to the vendor’s notice.

Risk and Exploitability

The CVSS score is 8.8, indicating a High severity rating. The EPSS score is listed as less than 1%, implying a very low probability of exploitation at the time of this assessment. The vulnerability is not currently listed in CISA’s KEV catalog. The likely attack path involves using an alternate authentication route that bypasses the standard login, requiring only access to the application and no privileged credentials.

Generated by OpenCVE AI on April 18, 2026 at 18:07 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update FlexCity/Kiosk to version 1.0.36 or later to eliminate the authentication bypass.
  • Review and disable any unused alternate authentication paths or channels defined in the configuration to prevent future bypass attempts.
  • Enforce strong, multi‑factor authentication for all administrative accounts and monitor login logs for anomalous activities.

Generated by OpenCVE AI on April 18, 2026 at 18:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 02 Mar 2026 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Uni-yaz
Uni-yaz flexcity
CPEs cpe:2.3:a:uni-yaz:flexcity:*:*:*:*:*:*:*:*
Vendors & Products Uni-yaz
Uni-yaz flexcity

Fri, 13 Feb 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Universal Software Inc.
Universal Software Inc. flexcity/kiosk
Vendors & Products Universal Software Inc.
Universal Software Inc. flexcity/kiosk

Fri, 13 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 13 Feb 2026 13:30:00 +0000

Type Values Removed Values Added
Description Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.
Title Admin Account Takeover in Universal Sotware's FlexCity/Kiosk
Weaknesses CWE-288
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Uni-yaz Flexcity
Universal Software Inc. Flexcity/kiosk
cve-icon MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published:

Updated: 2026-02-13T17:00:30.361Z

Reserved: 2026-01-29T13:54:58.022Z

Link: CVE-2026-1618

cve-icon Vulnrichment

Updated: 2026-02-13T17:00:26.617Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-13T14:16:09.910

Modified: 2026-03-02T13:38:12.053

Link: CVE-2026-1618

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T18:15:06Z

Weaknesses