Skip to main content

Saas Composer

1 CVEs product

Monthly

CVE-2026-6888 HIGH NEWS This Week

SQL injection in multiple Advantech industrial IoT platforms allows remote authenticated attackers with high privileges to execute arbitrary database commands. Affected products include WebAccess/SCADA, SaaS Composer, IoTSuite Growth/Starter, and IoT Edge across Windows and Linux Docker deployments. The vulnerability enables complete database compromise - attackers can read sensitive industrial control system data, modify configurations, or delete critical operational information. CVSS 7.2 reflects high impact across confidentiality, integrity, and availability, though exploitation requires administrative credentials (PR:H), significantly limiting attack surface compared to unauthenticated SQL injection vulnerabilities.

SQLi Saas Composer Iotsuite Growth Linux Docker Iotsuite Starter Linux Docker Iot Edge Linux Docker +4
NVD VulDB
CVSS 3.1
7.2
EPSS
0.1%
EPSS 0% CVSS 7.2
HIGH This Week

SQL injection in multiple Advantech industrial IoT platforms allows remote authenticated attackers with high privileges to execute arbitrary database commands. Affected products include WebAccess/SCADA, SaaS Composer, IoTSuite Growth/Starter, and IoT Edge across Windows and Linux Docker deployments. The vulnerability enables complete database compromise - attackers can read sensitive industrial control system data, modify configurations, or delete critical operational information. CVSS 7.2 reflects high impact across confidentiality, integrity, and availability, though exploitation requires administrative credentials (PR:H), significantly limiting attack surface compared to unauthenticated SQL injection vulnerabilities.

SQLi Saas Composer Iotsuite Growth Linux Docker +6
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy