{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/semtek-informatics-software-consulting-trade-ltd.-co./feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":9.8,"id":"CVE-2026-5801"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["SEM-PMP (through 23042026)"],"_cs_severities":["critical"],"_cs_tags":["sql-injection","rce","vulnerability","web-application"],"_cs_type":"advisory","_cs_vendors":["Semtek Informatics Software Consulting Trade Ltd. Co."],"content_html":"\u003cp\u003eA critical SQL injection vulnerability, CVE-2026-5801, has been disclosed in Semtek Informatics Software Consulting Trade Ltd. Co.'s SEM-PMP software. This flaw affects all versions through 23042026 and allows for improper neutralization of special elements within SQL commands, enabling command line execution via SQL injection. The vulnerability, identified by the Computer Emergency Response Team of the Republic of Turkey, carries a CVSS v3.1 base score of 9.8, indicating severe potential impact. Exploitation could allow unauthenticated remote attackers to execute arbitrary operating system commands, leading to complete compromise of the affected system. Organizations utilizing SEM-PMP should prioritize patching to mitigate this severe risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a vulnerable input parameter within the Semtek SEM-PMP application that is susceptible to SQL injection.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious SQL payload containing command line execution statements, designed to bypass input validation.\u003c/li\u003e\n\u003cli\u003eThe attacker injects this specially crafted SQL payload into the vulnerable parameter, typically through an unauthenticated web request.\u003c/li\u003e\n\u003cli\u003eThe SEM-PMP application processes the untrusted input directly into an SQL query without proper sanitization.\u003c/li\u003e\n\u003cli\u003eThe backend database executes the injected SQL query, which in turn triggers the command line execution portion of the payload.\u003c/li\u003e\n\u003cli\u003eThe operating system on the server hosting SEM-PMP executes the attacker-supplied commands, granting the attacker arbitrary code execution capabilities.\u003c/li\u003e\n\u003cli\u003eThis can lead to data exfiltration, system compromise, or the deployment of additional malicious software.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-5801 grants an unauthenticated attacker the ability to execute arbitrary commands on the server running Semtek SEM-PMP. This high-severity vulnerability (CVSS v3.1: 9.8 Critical) could lead to complete system compromise, including unauthorized access to sensitive data, modification or deletion of data, installation of malware such as ransomware or backdoors, and establishment of persistent access. The broad nature of \u0026quot;command line execution\u0026quot; implies that attackers can perform almost any action permitted by the compromised application's privileges, making this a significant threat to the integrity and confidentiality of targeted organizations.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch Semtek Informatics Software Consulting Trade Ltd. Co. SEM-PMP to a version that addresses CVE-2026-5801 immediately.\u003c/li\u003e\n\u003cli\u003eDeploy the provided Sigma rule to your SIEM to detect attempts at web-based SQL injection, including potential exploitation of CVE-2026-5801.\u003c/li\u003e\n\u003cli\u003eMonitor web server access logs for unusual request patterns, particularly those targeting Semtek SEM-PMP endpoints, and look for SQL injection characteristics in \u003ccode\u003ecs-uri-query\u003c/code\u003e and \u003ccode\u003ecs-uri-stem\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-10T19:31:39Z","date_published":"2026-07-10T19:31:39Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-5801-sem-pmp-sql-injection/","summary":"An SQL injection vulnerability, tracked as CVE-2026-5801, has been identified in Semtek Informatics Software Consulting Trade Ltd. Co. SEM-PMP versions through 23042026, allowing unauthenticated attackers to achieve command line execution on the underlying system with a critical CVSS v3.1 score of 9.8.","title":"CVE-2026-5801 - SQL Injection Leading to Command Line Execution in Semtek SEM-PMP","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-5801-sem-pmp-sql-injection/"}],"language":"en","title":"CraftedSignal Threat Feed - Semtek Informatics Software Consulting Trade Ltd. Co.","version":"https://jsonfeed.org/version/1.1"}