# CVE-2024-8630
Published: 2024-09-27
Priority: P2 · 59 · Severity: critical · CVSS 3.1 base score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.56% (42.6th percentile)

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database.
## Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alisonic | sibylla | — | — |
## Detection & IOCs (extracted from sources)
- CVE-2024-8630 affects Alisonic Sibylla automated tank gauge devices (all versions); the vulnerability is an unauthenticated, network-accessible SQL injection (no privileges required, no user interaction) that can expose the full database, dump credentials, or grant administrator access. Monitor for anomalous SQL syntax in HTTP requests directed at Sibylla device interfaces.
- Attack vector is fully remote with low complexity and no authentication (CVSS v3 AV:N/AC:L/PR:N/UI:N); block all internet-facing exposure of Sibylla devices and alert on any direct internet-sourced connections to them.
- Successful exploitation outcomes include credential dumping and privilege escalation to administrator; monitor for unexpected authentication events or new admin-level sessions on Sibylla devices following inbound SQL-like traffic.
- All versions of Alisonic Sibylla are affected; the vendor did not respond to CISA coordination, so no patch is available. Treat all deployed Sibylla devices as permanently unpatched until vendor confirmation.
- No known public exploitation has been reported at time of advisory publication, but the low-complexity unauthenticated attack surface makes opportunistic exploitation likely if devices remain internet-exposed.
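As an added example (not part of the advisory or of this aggregator page), the following Python script applies the two monitoring suggestions above to a handful of constructed web access-log lines: it URL-decodes each request target, matches it against a small set of coarse SQL-injection indicator patterns, and separately flags connections whose source address lies outside the plant's internal ranges as internet-sourced. Everything about the environment is assumed: a reverse proxy in front of the Sibylla web interface writing Common Log Format, the RFC 1918 ranges as the internal network, and the sample paths, query parameters and IP addresses; no real Sibylla URL structure is known from the page.

```python
"""Flag SQL-injection-like request targets and internet-sourced connections in
web access logs from a hypothetical proxy in front of a Sibylla device interface.
Added example; the log format, paths and addresses are constructed for illustration."""
import ipaddress
import re
from urllib.parse import unquote_plus

# Constructed sample lines in Common Log Format (not captured from any real device).
SAMPLE_LOG = """\
10.20.0.15 - - [27/Sep/2024:10:01:12 +0000] "GET /index.php?tank=3 HTTP/1.1" 200 512
10.20.0.15 - - [27/Sep/2024:10:01:40 +0000] "GET /index.php?tank=3'%20OR%20'1'%3D'1 HTTP/1.1" 200 9812
203.0.113.45 - - [27/Sep/2024:10:02:05 +0000] "GET /index.php?tank=1 HTTP/1.1" 200 512
203.0.113.45 - - [27/Sep/2024:10:02:09 +0000] "GET /login.php?user=admin'--&pass=x HTTP/1.1" 302 0
10.20.0.7 - - [27/Sep/2024:10:03:00 +0000] "POST /report.php HTTP/1.1" 200 2048
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?:\d+|-)'
)

# Indicator patterns evaluated against the URL-decoded request target. They are
# coarse (WAF-style) and will produce some false positives on free-text fields;
# the goal is to surface candidates for analyst review, not to prove exploitation.
SQLI_PATTERNS = [
    ("tautology", re.compile(r"'\s*(?:or|and)\b", re.I)),
    ("comment_after_quote", re.compile(r"'\s*(?:--|#|/\*)")),
    ("union_select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("stacked_query", re.compile(r";\s*(?:drop|insert|update|delete|select|exec)\b", re.I)),
    ("time_delay", re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(|\bwaitfor\s+delay\b", re.I)),
    ("schema_probe", re.compile(r"information_schema|sysobjects|sqlite_master", re.I)),
]

# Ranges treated as the plant/management network (assumption: adjust per site).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def is_internal(ip: str) -> bool:
    """True if the source address lies inside one of the INTERNAL_NETS ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable source: treat as external so it gets reviewed
    return any(addr in net for net in INTERNAL_NETS)


def sqli_indicators(target: str) -> list[str]:
    """Names of the indicator patterns matching the (double-)URL-decoded target."""
    decoded = unquote_plus(unquote_plus(target))  # second pass undoes %25-encoding
    return [name for name, rx in SQLI_PATTERNS if rx.search(decoded)]


def analyze_log(text: str) -> list[dict]:
    """One finding per log line that has SQLi indicators or an external source."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # lines in another format are skipped, not silently mis-parsed
        indicators = sqli_indicators(m["target"])
        external = not is_internal(m["src"])
        if indicators or external:
            findings.append({
                "src": m["src"], "ts": m["ts"], "target": m["target"],
                "status": int(m["status"]), "indicators": indicators, "external": external,
            })
    return findings


if __name__ == "__main__":
    for f in analyze_log(SAMPLE_LOG):
        tags = (["external_source"] if f["external"] else []) + [f"sqli:{i}" for i in f["indicators"]]
        print(f"{f['ts']} {f['src']:>14} {f['status']} {f['target']}  <- {', '.join(tags)}")
```

Run stand-alone it prints three findings: the internal host whose second request carries a quote-and-OR tautology, and both requests from the non-internal address, the second of which also carries a quote followed by a comment sequence. The two signals are reported independently on purpose: an external source with a clean query is still a policy violation under the "no internet-facing exposure" guidance, and an internal source sending SQL syntax is worth a look even though it cannot be the advisory's remote attacker.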
## CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 9.3 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
## GHSA
GHSA-j9h3-rgr4-jg83: Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database
ghsa_unreviewed · 2024-09-27 · CVE-2024-8630 · CWE-89 · [CRITICAL]
Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database.
## CISA ICS
cisa_ics · 2024-09-24 · CVSS 9.3 · [CRITICAL]
ICS Advisory: Alisonic Sibylla
Release Date: September 24, 2024
Alert Code: ICSA-24-268-02
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/Low attack complexity
- Vendor: Alisonic
- Equipment: Sibylla
- Vulnerability: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could result in an attacker obtaining device information from the database, dumping credentials, or potentially gaining administrator access.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Sibylla, an automated tank gauge, are affected:
- Sib
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-09-27