660b15ecf9caf7001ee32c7e Shutterstock 2010923726

CISA and FBI highlight prevalence of SQLi vulnerabilities

April 1, 2024
Secure by Design alert designed to eliminate SQL injection vulnerabilities in software

The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint Secure by Design alert, eliminating SQL injection vulnerabilities in software. The alert was crafted in response to a recent, well-publicized exploitation of SQL injection (SQLi) defects in a managed file transfer application that impacted thousands of organizations. Additionally, the alert highlights the prevalence of this class of vulnerability.

Despite widespread knowledge and documentation of SQLi vulnerabilities over the past two decades, along with the availability of effective mitigations, software manufacturers continue to develop products with this defect, which puts many customers at risk.

CISA and the FBI urge senior executives at technology manufacturing companies to mount a formal review of their code to determine its susceptibility to SQLi compromises. If found vulnerable, senior executives should ensure their organizations’ software developers begin immediate implementation of mitigations to eliminate this entire class of defect from all current and future software products.

Sponsored Recommendations

Boost Material Handling Operations with the New Assist Wheel Drive

Transportation and material moving are repeatedly among the most frequent workplace injuries and also a leading cause of days away from work, job transfers, or restrictions. Learn...

EV Battery Pack Manufacturing with AC Servos and Robotics

This white paper from Yaskawa examines the increase in demand for electric vehicle (EV) batteries and explores different steps in their manufacturing process where AC servos and...

2024 State of Technology Report: HMIs, IPCs and Enclosures

The human-machine interface, the industrial PC and the enclosure are three of the most evolutionary components in an industrial control strategy. No devices have changed more ...

Evolution of Motion Control Guide

Learn more about advances in motor control in this helpful guide.