CVE-2024-8950

CRITICAL

Arne Informatics Piramit Automation <27.09.2024 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arne Informatics Piramit Automation allows Blind SQL Injection. This issue affects Piramit Automation: before 27.09.2024.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource government-resource broken-link
https://www.usom.gov.tr/bildirim/tr-24-1898

Scores

CVSS v3 9.9
EPSS 0.0060
EPSS Percentile 44.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-89
Status published
Products (1)
Arne Informatics/Piramit Automation < 27.09.2024
Published Dec 25, 2024
Tracked Since Feb 18, 2026