CVE-2025-68421: CWE-798 Use of Hard-coded Credentials in Comarch ERP Optima
The Comarch ERP Optima client uses a hard-coded password for a database user. These credentials cannot be changed. It is possible for a remote attacker to gain access to the database with elevated privileges, including the ability to execute system commands on the server. This issue has been fixed in version 2026.4.
AI Analysis
Technical Summary
Comarch ERP Optima contains a hard-coded password for a database user within its client software. Because these credentials are immutable, an attacker can remotely exploit this to gain elevated database access and execute system commands on the server hosting the database. This vulnerability is tracked as CWE-798 and carries a CVSS 4.0 score of 8.7, indicating high severity. The vendor has addressed this vulnerability in version 2026.4 of ERP Optima.
Potential Impact
An attacker can remotely gain unauthorized elevated access to the database and execute system commands on the server, potentially leading to full system compromise. This elevates the risk of data breaches, system manipulation, and further attacks within the affected environment.
Mitigation Recommendations
Upgrade Comarch ERP Optima to version 2026.4 or later, where this vulnerability has been fixed. No other official remediation or temporary fixes are documented. Patch status is confirmed by the vendor's version update.
Technical Details
- Data Version: 5.2
- Assigner Short Name: CERT-PL
- Date Reserved: 2025-12-17T14:10:16.437Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a05a966ec166c07b0b50280
Added to database: 5/14/2026, 10:52:22 AM
Last enriched: 5/14/2026, 11:06:41 AM
Last updated: 5/14/2026, 12:38:12 PM