HarborGuard Database

CRITICAL | CVE-2026-4104 | Published | Modified | CNA: TR-CERT

CVE-2026-4104: SQLi in Akmer Informatics' TeknoPass

Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: from 20210501 through 20260429.

Metrics

  • CVSS v3.1: 9.8
  • Severity: CRITICAL
  • Fixed in: no fix version published
  • Affected Products: 1


HarborGuard Analysis

Synopsis

SQL injection via user-controlled primary key in Akmer Informatics TeknoPass, an industrial automation and access-management product. The vulnerability is reachable over the network with no authentication required and no user interaction needed, making it trivially exploitable by any remote attacker. Successful exploitation gives an attacker full read, write, and denial-of-service capability against the underlying database. HarborGuard is tracking this advisory and will make a patched-image rebuild available the moment an upstream fix is published.
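As an added illustration of the weakness class named in this record (a user-controlled SQL primary key, together with the SQL injection that string-built queries invite), the following hypothetical Python/sqlite3 code places a vulnerable row lookup beside a hardened one. It was written for this page and is not TeknoPass code; the schema, table name, column names and function names are constructed assumptions, and nothing here describes how the product itself is built.

```python
"""Vulnerable vs. hardened primary-key lookup (hypothetical example for this page).

Two defects are shown in the vulnerable function:
  1. the caller-supplied id is spliced into the SQL text (SQL injection);
  2. nothing ties the selected row to the authenticated caller, so any valid
     id returns another user's record (authorization bypass via the key).
The hardened function validates the input, binds it as a parameter, and
scopes the query to the caller's own rows.
"""
import re
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Constructed sample schema: access badges owned by two different users."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE badges (id INTEGER PRIMARY KEY, owner_id INTEGER, secret TEXT)"
    )
    conn.executemany(
        "INSERT INTO badges VALUES (?, ?, ?)",
        [(1, 100, "badge-alice"), (2, 200, "badge-bob")],  # constructed rows
    )
    return conn


def fetch_badge_vulnerable(conn: sqlite3.Connection, badge_id: str) -> list:
    """Vulnerable pattern: query text is built by string formatting and the
    row is selected purely by the id the client sent."""
    query = f"SELECT id, owner_id, secret FROM badges WHERE id = {badge_id}"
    return conn.execute(query).fetchall()


def parse_badge_id(raw: str):
    """Accept only ASCII decimal digits; return None for anything else.
    str.isdigit() is deliberately avoided because it also accepts characters
    such as superscript digits that int() then rejects."""
    if re.fullmatch(r"[0-9]+", raw) is None:
        return None
    return int(raw)


def fetch_badge_hardened(conn: sqlite3.Connection, raw_id: str, caller_id: int):
    """Hardened pattern: validate the type, bind the value, scope by owner.
    Returns None both for an unknown id and for a row the caller does not
    own, so the response does not reveal which case applied."""
    badge_id = parse_badge_id(raw_id)
    if badge_id is None:
        return None
    return conn.execute(
        "SELECT id, owner_id, secret FROM badges WHERE id = ? AND owner_id = ?",
        (badge_id, caller_id),
    ).fetchone()


if __name__ == "__main__":
    db = setup_db()
    # A plain, well-formed id is enough to read another user's row here.
    print("vulnerable:", fetch_badge_vulnerable(db, "2"))
    # The same request, scoped to caller 100, yields nothing.
    print("hardened:  ", fetch_badge_hardened(db, "2", caller_id=100))
```

The ownership check is the part that addresses the "user-controlled primary key" half of the weakness: parameter binding alone stops the injection but still lets any caller address any row by number, which is exactly the authorization bypass the CWE title describes.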

HarborGuard Coverage

  • Detection: Available

    Detection of CVE-2026-4104 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against images in customer registries and CI/CD pipelines, including custom-built images that bundle TeknoPass or its dependencies.

  • Triage: Available

    Triage is available with CVSS 9.8 (Critical) scoring applied automatically, weighted against each environment's compliance policy to determine urgency; the finding is routed to the appropriate team inbox within the customer organization based on image ownership rules.

  • Patch: Pending upstream

    Because no upstream fix version has been published, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment Akmer Informatics ships a remediated release. For customers with auto-remediation enabled, the rebuild, regression run, and pull request against affected workloads will be triggered without manual intervention.

Exploit Conditions

  • Network reachability: Required

    The vulnerable endpoint is exposed over the network; an attacker must be able to reach the TeknoPass service via a standard network connection to send a malicious request.

  • Authentication: Not required

    No account or session credential is needed; the injection point is reachable by any unauthenticated HTTP request.

  • Victim interaction: Not required

    The attacker does not need to trick or wait for any user action; the exploit is fully self-contained on the attacker side.

  • Attack complexity: Low (AC:L)

    Exploitation is reliable and condition-free; no race conditions, memory-layout knowledge, or environmental setup are required to trigger the SQL injection.

Blast Radius

  • Reads arbitrary rows from the database, including stored credentials, session tokens, and any user or operational records held by TeknoPass.
  • Modifies or deletes persisted database rows, allowing an attacker to alter access-control records, tamper with audit logs, or corrupt configuration data.
  • Crashes or degrades database availability, disrupting the TeknoPass service and any industrial or physical-access processes that depend on it.
  • Depending on database configuration, may allow out-of-band data exfiltration or execution of database-level commands that extend attacker reach beyond the application tier.

How HarborGuard Handles This

Available on HarborGuard: because no fix version exists for CVE-2026-4104 as of publication, the recommended immediate action for affected environments is network-policy isolation of TeknoPass instances to limit inbound access to known, trusted source addresses only. Egress filtering can reduce the risk of out-of-band SQL injection techniques that beacon to attacker-controlled hosts. Where TeknoPass exposes optional API endpoints or authentication modules, disabling unused surface via feature-flag or configuration gating narrows the attack surface further. HarborGuard monitors the Akmer Informatics advisory and TR-CERT feed on every ingest cycle; when an upstream patch is published, a patched-image rebuild becomes available automatically, and customers with auto-remediation enabled will receive a rebuilt image, a regression-test run, and a PR opened against affected workloads without manual steps.

Affected packages

  • Akmer Informatics Automation Industry and Trade Ltd. Co. / TeknoPass: ≤ 20260429

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H