S.MANE//SEC × AI OPS
CVE / HIGH / 2026-06-03

CVE-2026-40817: high-severity vulnerability (CVSS 7.5)

CVE-2026-40817 is an unauthenticated SQL injection in the getAlarmProfiles function, exploitable over the network with no credentials. The CVSS 7.5 score comes from a High confidentiality impact with no integrity or availability impact: an attacker can read whatever data the injected query can reach. No integrity or availability impact is listed, but in alarm and monitoring contexts the exposed data describes what is being watched and how, so disclosure alone is serious.

// OPERATOR NOTE — S.MANE

The getAlarmProfiles endpoint being pre-auth is the kill shot: no phishing, no foothold needed. If this sits on an exposed management plane or an IoT/OT network, treat it as actively weaponizable. Immediately restrict network access to the endpoint, review web access logs and database query logs for requests that carry quote characters, UNION SELECT, comment sequences or unusually large responses, and patch or deploy a WAF rule as a stopgap until the fix is confirmed in place.
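One way to do the log review the note calls for, as an added example that is not part of the original advisory: a scanner over access-log lines that flags requests to the endpoint whose query parameters carry injection indicators. The path /api/getAlarmProfiles, the `name` parameter, the IP addresses and the log lines themselves are constructed for this example; the advisory names only the function.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed access-log lines in common log format. The endpoint path,
# parameter name, addresses and payloads are assumptions for this example.
SAMPLE_LOG = """\
203.0.113.7 - - [03/Jun/2026:10:01:12 +0000] "GET /api/getAlarmProfiles?name=default HTTP/1.1" 200 412
203.0.113.7 - - [03/Jun/2026:10:01:15 +0000] "GET /api/getAlarmProfiles?name=x%27%20UNION%20SELECT%20id%2Cusername%2Cpassword_hash%20FROM%20users--%20 HTTP/1.1" 200 9831
198.51.100.3 - - [03/Jun/2026:10:02:01 +0000] "GET /api/getAlarmProfiles?name=x%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 412
198.51.100.3 - - [03/Jun/2026:10:02:40 +0000] "GET /api/status HTTP/1.1" 200 88
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d+) (?P<size>\d+)'
)

# Heuristic indicators of an injection attempt. They will miss obfuscated
# or double-encoded payloads, so treat hits as triage leads, not proof.
INDICATORS = [
    ("quote", re.compile(r"'")),
    ("union_select", re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I)),
    ("time_delay", re.compile(r"\b(sleep|benchmark|pg_sleep|waitfor)\b", re.I)),
    ("comment", re.compile(r"--|/\*")),
]


def scan_access_log(text, endpoint="/api/getAlarmProfiles"):
    """Return one record per request to `endpoint` whose decoded query
    parameters match at least one injection indicator."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        if parts.path != endpoint:
            continue
        # parse_qsl percent-decodes, so %27 is checked as a real quote.
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            matched = [name for name, rx in INDICATORS if rx.search(value)]
            if matched:
                hits.append({
                    "ip": m["ip"],
                    "ts": m["ts"],
                    "param": key,
                    "value": value,
                    "indicators": matched,
                    "size": int(m["size"]),  # response size; a spike suggests data leaving
                })
    return hits


if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(hit["ts"], hit["ip"], hit["indicators"], hit["size"], hit["value"])
```

The response size is carried in each record on purpose: a UNION dump of another table usually shows up as a request to the same endpoint returning far more bytes than the baseline, which is a useful signal even when the payload itself is obfuscated past the regexes.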

CVE-2026-40817 exposes a classic SQL injection flaw in the getAlarmProfiles function: caller-controlled input is concatenated into a SELECT statement instead of being bound as a parameter, so a quote character in the input terminates the intended string literal and the remainder of the input is parsed as SQL. Because no authentication is required, the attack surface is every network-reachable instance of the endpoint.

The confidentiality impact is rated High. How far beyond the alarm-profile table an attacker can read depends on the database account's privileges and on whether the engine allows UNION or stacked queries, but an injection point in a SELECT normally gives at least UNION-based access to every table the application account can read. In alarm management systems that frequently includes credentials, sensor mappings and operational topology, which enable follow-on attacks.

Defenders should treat pre-auth SQLi on management functions as P0 regardless of CVSS score. At the code level, replace string concatenation with parameterized queries; at the network level, segment management APIs away from untrusted networks; and rotate any credentials stored in the affected database, since they must be treated as exposed until a patch is confirmed deployed.
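The concatenation-versus-binding difference described above, as an added example written for this page rather than code from the affected product: a hypothetical getAlarmProfiles in Python against an in-memory SQLite database, with the vulnerable shape beside the parameterized fix. The schema, table names, rows and the `name` parameter are all assumptions; only the function name comes from the advisory.

```python
import sqlite3

# Constructed in-memory schema standing in for an alarm-management
# database. Tables, columns and rows are assumptions for this example.
SCHEMA = """
CREATE TABLE alarm_profiles (id INTEGER PRIMARY KEY, name TEXT, severity TEXT);
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
INSERT INTO alarm_profiles VALUES (1, 'default', 'low'), (2, 'critical-plant', 'high');
INSERT INTO users VALUES (1, 'admin', '$2b$12$constructed-hash');
"""


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def get_alarm_profiles_vulnerable(conn, name):
    """Hypothetical vulnerable shape: the caller-controlled `name` is
    concatenated into the statement, so a quote in the input closes the
    literal and everything after it is executed as SQL."""
    sql = "SELECT id, name, severity FROM alarm_profiles WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def get_alarm_profiles_fixed(conn, name):
    """Hardened form: the value is bound as a parameter, so the driver
    hands it to the engine as data and it can never become SQL syntax."""
    sql = "SELECT id, name, severity FROM alarm_profiles WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


# UNION-based payload: the attacker matches the three selected columns and
# pulls the users table out through the alarm-profile query. The trailing
# "-- " comments out the closing quote the application appends.
PAYLOAD = "x' UNION SELECT id, username, password_hash FROM users -- "


def demo():
    """Run the same payload through both shapes and return both results."""
    conn = open_db()
    leaked = get_alarm_profiles_vulnerable(conn, PAYLOAD)
    safe = get_alarm_profiles_fixed(conn, PAYLOAD)
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable:", leaked)
    print("fixed:     ", safe)
```

The fix changes nothing about what the function returns for legitimate input; it only stops the input from being parsed as part of the statement. Note also that the leak here works with a single statement and an ordinary read-only account, which is why restricting the database user's privileges mitigates the blast radius but does not close the hole.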

#CVE-2026-40817