CVE-2023-33366

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 3, 2023
Updated: Aug 9, 2023
CWE ID 89

Summary

CVE-2023-33366 is a SQL injection vulnerability affecting Suprema BioStar 2 versions prior to 2.9.1. This issue grants authenticated users the ability to inject malicious SQL directives into statements, enabling the execution of arbitrary SQL commands. This vulnerability poses a significant risk, as it can lead to unauthorized data access, modification, or even system takeover. To mitigate this threat, all affected BioStar 2 installations should be updated to the latest version as soon as possible. Failure to address this vulnerability could result in serious data breaches or other cybersecurity incidents.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share