CVE-2024-13150: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Fayton Software and Consulting Services fayton.pro ERP
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Fayton Software and Consulting Services fayton.Pro ERP allows SQL Injection. This issue affects fayton.Pro ERP: through 20250929.
AI Analysis
Technical Summary
CVE-2024-13150 is a critical SQL Injection vulnerability (CWE-89) in Fayton Software and Consulting Services' fayton.pro ERP. The product fails to neutralize special elements in user-controlled input before that input is placed in an SQL command, so an attacker can alter the structure of the queries the application sends to its backend database. The advisory lists the affected range as "through 20250929", which appears to be a date-based version string, so every release up to and including that build should be treated as affected until the vendor states otherwise; the advisory does not name the vulnerable component, endpoint or parameter. The CVSS v3.1 base score of 9.8 (Critical) is reached only with a network attack vector (AV:N), low attack complexity, no privileges (PR:N), no user interaction (UI:N) and high impact on confidentiality, integrity and availability, which means the issue is reachable by an unauthenticated remote attacker against any exposed instance. Successful exploitation could allow an attacker to read, modify or delete data in the ERP database, execute administrative database operations, and, depending on the database account the application runs under, compromise the ERP system as a whole. Because ERP systems hold financial, supply-chain and HR records, the business impact is correspondingly high. At the time of writing no exploitation in the wild has been reported and no patch has been linked, so affected organizations must rely on monitoring and compensating controls until a fix is available.
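To make the CWE-89 pattern behind this advisory concrete, the following is an added example, not code from fayton.pro ERP (whose source, schema and endpoints are not public) and not a known payload for this CVE. It places a lookup that concatenates a login name into the SQL text beside the parameterized form and runs a generic tautology payload and a generic UNION payload against both, using an in-memory SQLite table with constructed rows.

```python
import sqlite3

# Constructed sample data standing in for an ERP "customers" table.
# Illustrative only: the real fayton.pro ERP schema is not documented publicly.
SAMPLE_CUSTOMERS = [
    (1, "acme", "ACME GmbH", "confidential-terms-A"),
    (2, "globex", "Globex SA", "confidential-terms-B"),
    (3, "initech", "Initech BV", "confidential-terms-C"),
]


def make_db():
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers(id INTEGER PRIMARY KEY, login TEXT, name TEXT, terms TEXT)"
    )
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?, ?)", SAMPLE_CUSTOMERS)
    return conn


def lookup_vulnerable(conn, login):
    """CWE-89 pattern: untrusted input is spliced into the SQL text itself.

    A quote in `login` closes the string literal and everything after it is
    parsed as SQL, so the caller no longer controls the query's structure.
    """
    sql = f"SELECT id, name, terms FROM customers WHERE login = '{login}'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, login):
    """Fixed pattern: the SQL text is constant; the value travels as a bound parameter.

    The driver hands `login` to the engine as data, so quotes, keywords and
    comment sequences inside it can never change what the statement does.
    """
    sql = "SELECT id, name, terms FROM customers WHERE login = ?"
    return conn.execute(sql, (login,)).fetchall()


# Generic injection strings (textbook shapes, not payloads tied to this CVE).
TAUTOLOGY = "' OR '1'='1"
UNION = "' UNION SELECT id, login, sqlite_version() FROM customers WHERE '1'='1"


def demo():
    """Run benign and hostile inputs through both lookups and return the rows."""
    conn = make_db()
    return {
        "benign_vuln": lookup_vulnerable(conn, "acme"),
        "benign_safe": lookup_safe(conn, "acme"),
        # Tautology: the vulnerable query degenerates to WHERE login = '' OR '1'='1'
        "tautology_vuln": lookup_vulnerable(conn, TAUTOLOGY),
        "tautology_safe": lookup_safe(conn, TAUTOLOGY),
        # UNION: the vulnerable query appends an attacker-chosen SELECT to the result set
        "union_vuln": lookup_vulnerable(conn, UNION),
        "union_safe": lookup_safe(conn, UNION),
    }


if __name__ == "__main__":
    for case, rows in demo().items():
        print(f"{case:15s} -> {len(rows)} row(s): {rows}")
```

For the benign login both functions return the same single row. With the tautology the concatenating version returns every customer and the UNION version additionally leaks a column the application never intended to expose (here the login list and the engine version), while the parameterized version returns nothing for either payload because the whole string is compared as a literal login name. The fix is the query shape, not input filtering: any code path that still builds SQL from strings remains exploitable no matter how the inputs are screened.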
Potential Impact
For European organizations running fayton.pro ERP, exploitation could mean unauthorized access to sensitive business data, financial loss, operational disruption and reputational damage. Because the ERP sits at the centre of enterprise resource management, a compromise could disrupt supply chains, payroll, procurement and compliance reporting. Exposure of personal data held in HR or customer records would also be a reportable breach under GDPR, with the associated regulatory penalties and loss of customer trust. An attacker who gains control of the ERP database could further use it as a foothold for lateral movement into the corporate network. Since no authentication or user interaction is required, internet-exposed instances are realistic targets for automated, opportunistic scanning once a working payload circulates. Manufacturing, retail and services organizations that depend heavily on the product are most exposed.
Mitigation Recommendations
Organizations should first inventory every fayton.pro ERP instance in use, including test and integration environments. Until an official patch is released, apply the following compensating controls:

1) Place a Web Application Firewall in front of the ERP and add rules for SQL injection indicators (quote-and-keyword tautologies, UNION SELECT, comment terminators, time-delay functions) on its endpoints. Treat this as a stopgap: signature-based filtering can be bypassed and does not remove the flaw.
2) Restrict network access to the ERP to trusted source addresses, and require a VPN or a zero-trust access gateway for remote users, so that unauthenticated attackers cannot reach the vulnerable interface at all.
3) Where custom code, integrations or middleware issue SQL against the ERP database, use parameterized queries or prepared statements throughout. Input validation on its own is not a sufficient defence against SQL injection.
4) Monitor web-server and database logs for injection indicators: quote characters followed by SQL keywords, repeated syntax errors from a single source, unusually large result sets, and queries that touch tables the application does not normally read.
5) Run the ERP's database account with the least privilege the application needs (no DDL, no access to unrelated schemas, no file-system or OS-command functions), which limits what a successful injection can do.
6) Deploy database activity monitoring to alert on anomalous queries and on access to sensitive tables outside normal application patterns.
7) Engage Fayton Software and Consulting Services for a fix timeline and apply the patch as soon as it is released; until then, brief internal teams on the vulnerability and encourage prompt reporting of anomalies.
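As an added example for the log-monitoring and WAF-rule recommendations above (not a detection the vendor or the page supplies), the following scanner parses Common Log Format access-log lines, fully percent-decodes each query-string parameter (including double encoding) and reports which injection indicators each request trips. The log lines and the `/erp/...` paths are constructed placeholders; fayton.pro ERP's real endpoints are not documented in the advisory.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed access-log sample (Common Log Format). Paths are placeholders,
# not real fayton.pro ERP endpoints.
SAMPLE_LOG = """\
203.0.113.7 - - [04/Oct/2025:10:15:35 +0000] "GET /erp/customer?login=acme HTTP/1.1" 200 512
203.0.113.7 - - [04/Oct/2025:10:15:36 +0000] "GET /erp/customer?login=%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9031
198.51.100.9 - - [04/Oct/2025:10:15:40 +0000] "GET /erp/invoice?id=42%20UNION%20SELECT%20username%2Cpassword%2C3%20FROM%20users-- HTTP/1.1" 500 118
198.51.100.9 - - [04/Oct/2025:10:15:41 +0000] "GET /erp/invoice?id=42%2527%2520AND%2520SLEEP%25285%2529-- HTTP/1.1" 200 118
192.0.2.4 - - [04/Oct/2025:10:16:02 +0000] "POST /erp/login HTTP/1.1" 302 0
192.0.2.4 - - [04/Oct/2025:10:16:10 +0000] "GET /erp/report?name=Q3%20Sales%20Report HTTP/1.1" 200 2048
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)

# Injection indicators applied to fully decoded parameter values.
INDICATORS = [
    # quote, boolean operator, then x = y  (e.g. ' OR '1'='1)
    ("tautology", re.compile(r"""['"]\s*(or|and)\s*['"]?\w+['"]?\s*=\s*['"]?\w+""", re.I)),
    ("union_select", re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)),
    ("comment_terminator", re.compile(r"(--|#|/\*)\s*$")),
    ("time_delay", re.compile(r"\b(sleep|pg_sleep|waitfor\s+delay|benchmark)\s*\(", re.I)),
    ("stacked_query", re.compile(r";\s*(drop|insert|update|delete|exec)\b", re.I)),
]


def decode_fully(value, max_rounds=3):
    """Percent-decode until the value stops changing, so %2527 -> %27 -> ' is caught."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def parse_line(line):
    """Return the parsed record for one CLF line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    # parse_qsl decodes one layer; decode_fully removes any further encoding layers.
    rec["params"] = [
        (k, decode_fully(v)) for k, v in parse_qsl(parts.query, keep_blank_values=True)
    ]
    return rec


def scan(log_text):
    """Return one finding per request whose parameters trip at least one indicator."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        hits = [
            (param, name)
            for param, value in rec["params"]
            for name, rx in INDICATORS
            if rx.search(value)
        ]
        if hits:
            findings.append(
                {"ip": rec["ip"], "ts": rec["ts"], "path": rec["path"],
                 "status": rec["status"], "hits": hits}
            )
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['ip']:14s} {f['path']:15s} {f['status']} {f['hits']}")
```

On the sample the scanner flags three of the six requests: the tautology against `login`, the UNION SELECT against `id`, and the double-encoded time-delay probe against `id`, while the benign lookups and the report name pass. The same indicator list can seed WAF rules, but note the asymmetry: a 200 response with an unusually large body after a tautology (as in the second line) is a sign the injection succeeded, whereas a 500 on the UNION line only shows the attacker is still probing. Treat any hit from a single source as a reason to block that source at the network edge until the patch is applied.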
Affected Countries
Germany, France, Italy, Spain, Netherlands, Poland, United Kingdom, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: TR-CERT
- Date Reserved: 2025-01-06T14:02:12.473Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68e0f3c7b66c7f7acdd3eac5
Added to database: 10/4/2025, 10:15:35 AM
Last enriched: 10/4/2025, 10:17:02 AM
Last updated: 10/4/2025, 1:01:20 PM
Related Threats
- CVE-2024-24910: CWE-732 Incorrect Permission Assignment for Critical Resource in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, Identity Agent for Windows Terminal Server (High)
- CVE-2023-47488: n/a (Medium)
- CVE-2023-48029: n/a (Unknown)
- CVE-2023-47489: n/a (Unknown)
- CVE-2023-48028: n/a (Unknown)