{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32969", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2026-03-17T09:55:21.859Z", "datePublished": "2026-03-23T11:16:22.255Z", "dateUpdated": "2026-03-23T16:01:30.953Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MB connect line mbCONNECT24", "vendor": "MB connect line", "versions": [{"lessThanOrEqual": "2.19.3", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "mymbCONNECT24", "vendor": "MB connect line", "versions": [{"lessThanOrEqual": "2.19.3", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "myREX24V2", "vendor": "Helmholz", "versions": [{"lessThanOrEqual": "2.19.3", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "myREX24V2.virtual", "vendor": "Helmholz", "versions": [{"lessThanOrEqual": "2.19.3", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Moritz Abrell, Christian Z\u00e4ske from SySS GmbH"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint\u2019s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.<br>"}], "value": "An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint\u2019s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-03-23T11:16:22.255Z"}, "references": [{"url": "https://certvde.com/de/advisories/VDE-2026-024"}, {"url": "https://certvde.com/de/advisories/VDE-2026-025"}], "source": {"advisory": "VDE-2026-024", "defect": ["CERT@VDE#641983"], "discovery": "UNKNOWN"}, "title": "Pre-Auth Blind SQLi in userinfo Endpoint", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T16:01:17.471597Z", "id": "CVE-2026-32969", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T16:01:30.953Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32969", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T16:01:17.471597Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T16:01:22.270Z"}}], "cna": {"title": "Pre-Auth Blind SQLi in userinfo Endpoint", "source": {"defect": ["CERT@VDE#641983"], "advisory": "VDE-2026-024", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Moritz Abrell, Christian Z\u00e4ske from SySS GmbH"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MB connect line", "product": "MB connect line mbCONNECT24", "versions": [{"status": "affected", "version": "0.0.0", "versionType": "semver", "lessThanOrEqual": "2.19.3"}], "defaultStatus": "unaffected"}, {"vendor": "MB connect line", "product": "mymbCONNECT24", "versions": [{"status": "affected", "version": "0.0.0", "versionType": "semver", "lessThanOrEqual": "2.19.3"}], "defaultStatus": "unaffected"}, {"vendor": "Helmholz", "product": "myREX24V2", "versions": [{"status": "affected", "version": "0.0.0", "versionType": "semver", "lessThanOrEqual": "2.19.3"}], "defaultStatus": "unaffected"}, {"vendor": "Helmholz", "product": "myREX24V2.virtual", "versions": [{"status": "affected", "version": "0.0.0", "versionType": "semver", "lessThanOrEqual": "2.19.3"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://certvde.com/de/advisories/VDE-2026-024"}, {"url": "https://certvde.com/de/advisories/VDE-2026-025"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint\u2019s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.", "supportingMedia": [{"type": "text/html", "value": "An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint\u2019s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2026-03-23T11:16:22.255Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32969", "state": "PUBLISHED", "dateUpdated": "2026-03-23T16:01:30.953Z", "dateReserved": "2026-03-17T09:55:21.859Z", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "datePublished": "2026-03-23T11:16:22.255Z", "assignerShortName": "CERTVDE"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint\u2019s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality."}], "id": "CVE-2026-32969", "lastModified": "2026-03-23T14:31:37.267", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "info@cert.vde.com", "type": "Primary"}]}, "published": "2026-03-23T12:16:09.090", "references": [{"source": "info@cert.vde.com", "url": "https://certvde.com/de/advisories/VDE-2026-024"}, {"source": "info@cert.vde.com", "url": "https://certvde.com/de/advisories/VDE-2026-025"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "info@cert.vde.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,2.19.3]"}}], "enrichment": {"confidence": 96.0, "confidence_source": "matching", "scores": [{"score": 96.0, "source": "matching"}]}, "original": {"product": "myREX24V2.virtual", "source": "cna", "vendor": "Helmholz"}, "product": "myrex24.virtual", "vendor": "helmholz"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,2.19.3]"}}], "enrichment": {"confidence": 97.0, "confidence_source": "matching", "scores": [{"score": 97.0, "source": "matching"}]}, "original": {"product": "myREX24V2", "source": "cna", "vendor": "Helmholz"}, "product": "myrex24_v2", "vendor": "helmholz"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,2.19.3]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 96.0, "source": "matching"}]}, "original": {"product": "MB connect line mbCONNECT24", "source": "cna", "vendor": "MB connect line"}, "product": "mbconnect24", "vendor": "mbconnectline"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.0,2.19.3]"}}], "enrichment": {"confidence": 96.0, "confidence_source": "matching", "scores": [{"score": 96.0, "source": "matching"}]}, "original": {"product": "mymbCONNECT24", "source": "cna", "vendor": "MB connect line"}, "product": "mymbconnect24", "vendor": "mbconnectline"}], "analysis": {"en": {"generated_at": "2026-03-23T13:22:35.540454+00:00", "value": {"mitigation_remediation": ["Apply the vendor\u2011issued patch or upgrade to a fixed version of the affected Helmholz or MB connect line products", "If a patch is not yet available, restrict or block traffic to the userinfo endpoint to deny unauthenticated requests", "Monitor system logs for abnormal authentication attempts or patterns that may indicate exploitation attempts", "Refer to the vendor advisories for update timelines and additional guidance"], "summary": {"action": "Immediate Patch", "impact": "Data confidentiality loss due to unauthenticated blind SQL injection"}, "threat_synthesis": {"affected_systems": "Installed units of Helmholz myREX24V2 and myREX24V2.virtual, and MB connect line devices using mbCONNECT24 or mymbCONNECT24, are potentially affected. No particular version ranges are specified, so all currently deployed copies should be considered at risk.", "description_and_impact": "A blind SQL injection flaw exists in the userinfo endpoint\u2019s authentication logic. The vulnerability arises because special characters are not properly escaped in a SELECT statement, allowing an attacker to send crafted inputs that are executed by the database. Because the endpoint can be accessed without authentication, an attacker can reveal private data that should remain confidential.", "risk_and_exploitability": "The reported CVSS score of 7.5 indicates a high severity risk. While detailed likelihood metrics are not available, the flaw can be triggered remotely without credentials, making exploitation straightforward for an attacker. Successful exploitation would provide the attacker with access to sensitive information stored in the backend database. The vulnerability is not catalogued in the major known-exploited-vulnerabilities registry, but its high impact warrants prompt attention."}}}}, "created": "2026-03-24T10:34:43.579440+00:00", "updated": "2026-03-25T14:49:18.818641+00:00", "vendors": ["helmholz", "helmholz$PRODUCT$myrex24.virtual", "helmholz$PRODUCT$myrex24_v2", "mbconnectline", "mbconnectline$PRODUCT$mbconnect24", "mbconnectline$PRODUCT$mymbconnect24"]}