Cyber Posture

CVE-2024-12146

High

Published: 06 March 2025

Published
06 March 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0011 29.0th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-12146 is a high-severity SQL Injection (CWE-89) vulnerability in Gov (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 29.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Requires validation of information inputs to neutralize special elements used in SQL commands, directly preventing SQL injection in the Finder ERP/CRM system.

SI-2 Flaw Remediation good match
prevent

Mandates timely flaw remediation through vendor patches, such as upgrading to Finder ERP/CRM version 18.12.2024, to eliminate the SQL injection vulnerability.

RA-5 Vulnerability Monitoring and Scanning partial match
detect

Vulnerability scanning detects SQL injection issues like CVE-2024-12146 in the ERP/CRM system, enabling proactive remediation.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1213.006 Databases Collection
Adversaries may leverage databases to mine valuable information.
attack.mitre.org →
Why these techniques?

SQL injection in a remotely accessible ERP/CRM web application directly enables T1190 for initial access via public-facing app exploitation and facilitates T1213.006 for unauthorized database data collection.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection.This issue affects Finder ERP/CRM (New System): before 18.12.2024.

Deeper analysisAI

CVE-2024-12146 is an SQL Injection vulnerability (CWE-89) due to improper neutralization of special elements used in an SQL command. It affects Finder Fire Safety Finder ERP/CRM (New System) in versions before 18.12.2024.

Remote attackers can exploit this vulnerability over the network with low attack complexity, requiring no privileges, no user interaction, and without changing the scope of impact. Successful exploitation results in high confidentiality impact, potentially allowing unauthorized access to sensitive data, as reflected in the CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Mitigation details are available in the advisory published by USOM at https://www.usom.gov.tr/bildirim/tr-25-0060. The issue is addressed in Finder ERP/CRM (New System) version 18.12.2024 and later.

Details

CWE(s)
CWE-89

Affected Products

Gov
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-23492Shared CWE-89
CVE-2019-25541Shared CWE-89
CVE-2025-25116Shared CWE-89
CVE-2025-52025Shared CWE-89
CVE-2025-56316Shared CWE-89
CVE-2026-0702Shared CWE-89
CVE-2025-67146Shared CWE-89
CVE-2026-25936Shared CWE-89
CVE-2025-69215Shared CWE-89
CVE-2026-24977Shared CWE-89

References