CVE-2026-5964
Published: 20 April 2026
Description
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents SQL injection attacks in EasyFlow .NET by validating all user-supplied inputs before they are used in database queries.
Requires timely patching and remediation of the specific SQL injection vulnerability (CVE-2026-5964) in EasyFlow .NET.
Boundary protection with web application firewalls can inspect and block malicious SQL injection payloads targeting the unauthenticated endpoint.
Security SummaryAI
CVE-2026-5964 is a SQL injection vulnerability (CWE-89) in EasyFlow .NET, a product developed by Digiwin. Published on 2026-04-20, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its network accessibility, low complexity, and lack of prerequisites.
Unauthenticated remote attackers can exploit this vulnerability by injecting arbitrary SQL commands, enabling them to read, modify, and delete database contents. The attack requires no privileges or user interaction, allowing full compromise of confidentiality, integrity, and availability of affected database resources.
Advisories from Taiwan's CERT (TWCERT/CC) detail the issue, with primary references at https://www.twcert.org.tw/en/cp-139-10832-05f3a-2.html and https://www.twcert.org.tw/tw/cp-132-10831-a734d-1.html. Security practitioners should consult these for specific mitigation guidance, such as applying vendor patches or input validation updates where available.
Details
- CWE(s)
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
SQL injection in public-facing application enables T1190 (Exploit Public-Facing Application) for unauthenticated remote exploitation and directly facilitates T1213.006 (Data from Information Repositories: Databases) via arbitrary SQL read access.