Cyber Resilience

CVE-2026-33614

High

Published: 02 April 2026

Published
02 April 2026
Modified
16 April 2026
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0005 17.2th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-33614 is a high-severity SQL Injection (CWE-89) vulnerability in Mbconnectline Mbconnect24. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 17.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-33614 is an unauthenticated SQL injection vulnerability (CWE-89) in the getinfo endpoint, stemming from improper neutralization of special elements used in a SQL SELECT command. Published on 2026-04-02, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high severity primarily due to its impact on confidentiality.

An unauthenticated remote attacker can exploit this vulnerability over the network with low attack complexity, requiring no privileges or user interaction. Successful exploitation enables a total loss of confidentiality, potentially allowing the attacker to extract sensitive data from the underlying database.

Advisories detailing mitigations and patches are available from CERT VDE under VDE-2026-030, accessible at https://certvde.com/de/advisories/VDE-2026-030 and as a CSAF document at https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-030.json.

EU & UK References

Vulnerability details

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Unauthenticated SQL injection in public-facing getinfo endpoint directly enables remote exploitation of public-facing applications (T1190) for unauthorized database data extraction.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-33615Same product: Mbconnectline Mbconnect24
CVE-2026-33616Same product: Mbconnectline Mbconnect24
CVE-2026-33613Same product: Mbconnectline Mbconnect24
CVE-2026-39334Shared CWE-89
CVE-2024-13488Shared CWE-89
CVE-2026-20002Shared CWE-89
CVE-2025-1446Shared CWE-89
CVE-2025-22699Shared CWE-89
CVE-2026-36232Shared CWE-89
CVE-2026-31871Shared CWE-89

Affected Assets

mbconnectline
mbconnect24
≤ 2.19.4
mbconnectline
mymbconnect24
≤ 2.19.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires validation and neutralization of special elements in inputs to the getinfo endpoint SQL SELECT command, preventing SQL injection exploitation.

prevent

Provides for timely identification, reporting, and remediation of the specific SQL injection flaw via patching as detailed in related advisories.

preventdetect

Boundary protection at external interfaces can deploy web application firewalls to inspect traffic and block SQL injection patterns targeting the unauthenticated getinfo endpoint.

References