The vulnerability of the UnlockTcmSettings method in the software for managing and monitoring deleted objects in telemetering and telemechanics systems allows a perpetrator to circumvent security restrictions and gain access to write and read arbitrary files.

The vulnerability of the UnlockTcmSettings method in the software for managing and monitoring removed objects in Telemetry and Telemechanics systems is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass securi...

CVE-2025-32851

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockTcmSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...