Primary

Context

Turkiye Electricity Transmission Corporation Mobile Application Insufficient Session Expiration Vulnerability Allowing Session Hijacking

Vulnerability

Patched

A vulnerability allowing session hijacking has been identified in the Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Application, specifically in versions 1.6.2 prior to 1.13. This vulnerability arises from insufficient session expiration, which could be exploited by cyber attackers to hijack user sessions.

Impact

Exploitation of this vulnerability allows for session hijacking, where an attacker can take over a user's session, potentially leading to unauthorized actions or access within the application.

Remediation

Users are advised to update the application to version 1.13 or later.

Added: May 21, 2026, 3:23 PM

Updated: May 21, 2026, 3:23 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.0

remediation

0.0

relevance

8.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.0

remediation

0.0

relevance

8.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Turkiye Electricity Transmission Corporation Mobile Application Insufficient Session Expiration Vulnerability Allowing Session Hijacking

Vulnerability

Impact

Remediation

Affected Products

Turkiye Electricity Transmission Corporation

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating