Home

Description

Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet.

PUBLISHED Reserved 2025-06-19 | Published 2026-01-12 | Updated 2026-01-12 | Assigner CSA




CRITICAL: 10.0CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Product status

Default status
unknown

IoTSuite SaaSComposer prior to version 3.4.15
affected

IoTSuite Growth Linux docker prior to version V2.0.2
affected

IoTSuite Starter Linux docker prior to version V2.0.2
affected

IoT Edge Linux docker prior to version V2.0.2
affected

IoT Edge Windows prior to version V2.0.2
affected

Credits

Loi Nguyen Thang finder

References

www.csa.gov.sg/...-and-advisories/alerts/alerts-al-2026-001/

cve.org (CVE-2025-52694)

nvd.nist.gov (CVE-2025-52694)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.