Critical severity9.1NVD Advisory· Published Mar 10, 2026· Updated May 7, 2026
CVE-2025-69615
CVE-2025-69615
Description
Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:telekom:account_management_portal:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:telekom:account_management_portal:*:*:*:*:*:*:*:*range: <=2025-10-24
- (no CPE)range: <2025-10-24
- Deutsche Telekom AG/Telekom Account Management Portaldescription
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.