CVE-2023-3717

9.8 CRITICAL

📋 TL;DR

This SQL injection vulnerability in Farmakom Remote Administration Console allows attackers to execute arbitrary SQL commands on the database. It affects all versions before 1.02, potentially compromising the entire administration system and underlying data.

💻 Affected Systems

Products:
  • Farmakom Remote Administration Console
Versions: All versions before 1.02
Operating Systems: Not stated in the advisory
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the Remote Administration Console specifically; other Farmakom components may not be affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise: data theft, data manipulation and authentication bypass, with remote code execution on the database server possible if the console's database account has OS-level capabilities (for example, command-execution stored procedures).

🟠 Likely Case

Unauthorized data access, privilege escalation and administrative control of the Remote Administration Console.

🟢 If Mitigated

Limited impact once the vendor fix (parameterized queries and input validation) is installed and the console's database account is restricted to the permissions it actually needs.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection in a web administration console needs no special tooling: a single crafted HTTP request is enough. The 9.8 base score is consistent with a flaw reachable over the network without prior authentication or user interaction.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.02

Advisory (USOM, Turkey's national CERT): https://www.usom.gov.tr/bildirim/tr-23-0441

Restart Required: Yes

Instructions:

1. Download version 1.02 from official vendor sources.
2. Back up the current installation and database.
3. Install the update following vendor documentation.
4. Restart the Remote Administration Console service.

🔧 Temporary Workarounds

Web Application Firewall (WAF)

Applies to: all

Deploy a WAF with SQL injection rules in front of the console to block malicious requests. Treat this as a stopgap only: signature-based rules can be evaded with encoding and comment tricks, so it buys time rather than closing the flaw.

Network Segmentation

Applies to: all

Restrict access to the administration console to trusted IP addresses only (management network or VPN), and never expose it directly to the internet.

🧯 If You Can't Patch

  • The root-cause fix (parameterized queries and input validation) lives in the vendor's code; until 1.02 is deployed, keep the console reachable only from trusted administrative hosts and behind a WAF
  • Apply the principle of least privilege to the database account the console uses: no DDL, no file-system or OS-command procedures, and read/write only on the tables the console needs
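The fix the vendor release is expected to contain, parameterized queries in place of string-built SQL, is illustrated below. This is an added example against an in-memory SQLite database, not Farmakom's code; the users table, its columns and the payload are assumed for the demonstration. It shows the authentication bypass listed under Worst Case succeeding against the concatenated query and the same payload failing against the parameterized one.

```python
"""Illustration of the SQL-injection bug class behind CVE-2023-3717 and its fix.

Added example using an in-memory SQLite database. This is NOT Farmakom's code;
the schema, table name and payload are assumptions made for the demonstration.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one admin account in a hypothetical users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.execute(
        "INSERT INTO users VALUES ('admin', 'correct-horse-battery', 'administrator')"
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Deliberately vulnerable: user input is concatenated into the SQL text,
    so a quote in the input changes the query structure."""
    sql = (
        f"SELECT username, role FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchone()


def login_fixed(conn: sqlite3.Connection, username: str, password: str):
    """Hardened: placeholders keep the input as data; it can never become SQL syntax."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


# Classic authentication-bypass payload: the quote closes the username literal
# and "--" comments out the rest of the WHERE clause, including the password check.
BYPASS_USER = "admin'-- "
BYPASS_PASS = "anything"

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable:", login_vulnerable(conn, BYPASS_USER, BYPASS_PASS))
    print("fixed:     ", login_fixed(conn, BYPASS_USER, BYPASS_PASS))
```

Against `login_vulnerable` the payload returns the administrator row without a password; against `login_fixed` the same string is compared literally as a username and matches nothing.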

🔍 How to Verify

Check if Vulnerable:

Check the application version in the administration interface or configuration files. If version is below 1.02, the system is vulnerable.

Check Version:

Check application configuration files or administration panel for version information

Verify Fix Applied:

Confirm the version shown in the administration interface is 1.02 or higher. If you re-test, do so with authorization and a harmless probe (a single quote in an affected parameter): a fixed build should return a normal application response, not a database error.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts with SQL syntax
  • Unexpected database queries from application user

Network Indicators:

  • HTTP requests whose decoded parameters combine SQL keywords (UNION, SELECT, INSERT, etc.) with quotes, comment markers (--, /*) or semicolons; bare keywords alone are too noisy to alert on
  • Unusual database connection patterns

SIEM Query:

source="application_logs" AND ("SQL syntax" OR "SQL error" OR "unexpected token")
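The indicators above, turned into detection logic and run over constructed sample lines. This is an added example, not from the original page or the vendor: the log formats, field layout and patterns are assumptions to be tuned against the console's real logs. It keeps the page's SIEM query as the application-log rule and, for requests, URL-decodes twice and requires SQL keywords to appear together with metacharacters (or a known injection shape), so that an ordinary search for the word "select" does not fire.

```python
"""Detection logic for the log and network indicators listed for CVE-2023-3717.

Added example, not from the original page or from Farmakom. Log formats, field
names, patterns and the sample lines are constructed assumptions; tune them to
the console's real logs before relying on them.
"""
import re
from urllib.parse import unquote_plus

# Application-log indicators: the page's SIEM query expressed as a regex.
SQL_ERROR_RE = re.compile(r"SQL syntax|SQL error|unexpected token", re.IGNORECASE)

# Request indicators. A bare keyword such as "select" appears in ordinary
# search terms, so a keyword alone is not enough: require SQL metacharacters
# in the same decoded value, or one of the well-known injection shapes.
SQL_KEYWORD_RE = re.compile(
    r"\b(union|select|insert|update|delete|drop|or|and)\b", re.IGNORECASE
)
SQL_META_RE = re.compile(r"'|\"|--|/\*|;|\bsleep\s*\(|\bwaitfor\b", re.IGNORECASE)
STRONG_RE = re.compile(
    r"'\s*--"                                    # admin'--   (comment out the rest)
    r"|'\s*(?:or|and)\b"                         # ' OR '1'='1
    r"|\bunion\b\s+(?:all\s+)?\bselect\b"        # UNION SELECT
    r"|;\s*(?:drop|insert|update|delete)\b",     # stacked query
    re.IGNORECASE,
)

# Common-log-format request line: "GET /path?query HTTP/1.1"
ACCESS_LINE_RE = re.compile(r'"(?:GET|POST) (?P<path>\S+) HTTP/[\d.]+"')


def request_is_suspicious(path: str) -> bool:
    """Decode the request path and query twice (catches %2527-style double
    encoding) and look for injection shapes or keyword-plus-metacharacter."""
    decoded = unquote_plus(unquote_plus(path))
    if STRONG_RE.search(decoded):
        return True
    return bool(SQL_KEYWORD_RE.search(decoded) and SQL_META_RE.search(decoded))


def scan_logs(app_lines, access_lines):
    """Return (app_hits, access_hits): the lines matching each indicator set."""
    app_hits = [line for line in app_lines if SQL_ERROR_RE.search(line)]
    access_hits = []
    for line in access_lines:
        m = ACCESS_LINE_RE.search(line)
        if m and request_is_suspicious(m.group("path")):
            access_hits.append(line)
    return app_hits, access_hits


# Constructed sample data (not real Farmakom logs).
APP_LOG = [
    "2023-07-17 10:01:02 INFO  login ok user=jdoe",
    "2023-07-17 10:01:09 ERROR You have an error in your SQL syntax near ''-- ' at line 1",
    "2023-07-17 10:01:15 WARN  unexpected token in statement",
    "2023-07-17 10:02:00 INFO  report generated",
]
ACCESS_LOG = [
    # benign: the word "select" in a search term, no metacharacters
    '10.0.0.5 - - [17/Jul/2023:10:01:01 +0300] "GET /rac/search?q=select+products HTTP/1.1" 200 512',
    # authentication-bypass shape: admin'--
    '10.0.0.9 - - [17/Jul/2023:10:01:08 +0300] "POST /rac/login?user=admin%27--+&pass=x HTTP/1.1" 302 0',
    # double-encoded UNION SELECT
    '10.0.0.9 - - [17/Jul/2023:10:01:12 +0300] "GET /rac/items?id=1%2520UNION%2520SELECT%25201%2C2 HTTP/1.1" 500 90',
    # benign
    '10.0.0.7 - - [17/Jul/2023:10:01:20 +0300] "GET /rac/dashboard HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    app_hits, access_hits = scan_logs(APP_LOG, ACCESS_LOG)
    for hit in app_hits + access_hits:
        print("ALERT", hit)
```

The benign search for "select products" is not flagged, while the `admin'--` login attempt and the double-encoded `UNION SELECT` are, as are the two application-log lines carrying database error text. In production, correlate the request hits with the error-log hits from the same source address and time window to cut false positives further.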
