VYPR
High severity (7.5) · NVD Advisory · Published May 27, 2026

CVE-2026-40812

Description

An unauthenticated remote attacker can exploit a SQL injection vulnerability in the getLiveValues function's sn parameter, which is caused by improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An unauthenticated SQL injection in the getLiveValues function's sn parameter allows remote attackers to read the entire database, leading to total loss of confidentiality.

Vulnerability

An unauthenticated SQL Injection vulnerability exists in the getLiveValues function's sn parameter of MB connect line's mbCONNECT24 and mymbCONNECT24 products, due to improper neutralization of special elements in a SQL SELECT command [1]. This allows an attacker to inject arbitrary SQL commands into the query. The affected versions are not explicitly listed in the available references, but the advisory indicates all current versions prior to the fix are vulnerable [1].

Exploitation

An unauthenticated remote attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable endpoint, injecting SQL code via the sn parameter. No authentication is required, and no user interaction is needed. The attacker does not need any special network position beyond network access to the target [1].

Impact

Successful exploitation results in a total loss of confidentiality, as the attacker can extract all data from the database, including sensitive information such as user credentials, configuration details, and other proprietary data [1]. The advisory rates the CVSS v3 base score as 7.5 (High) due to the high confidentiality impact and network attack vector [1].

Mitigation

As of the advisory publication date (2026-05-27), the vendor has not yet released a patched version. The advisory recommends applying the vendor's update as soon as it becomes available. No workarounds are provided in the available references [1].

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Patches

No patches discovered yet.

References

1
