CVE-2025-0603

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Callvision Healthcare Callvision Emergency Code allows SQL Injection, Blind SQL Injection. This issue affects Callvision Emergency Code: before V3.0.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Callvision Healthcare / Callvision Emergency Code0 – V3.0

References

MISChttps://www.usom.gov.tr/bildirim/tr-25-0320
MISChttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0320