PT-2026-21242 · Key Systems · Global Facilities Management
Chndlrx
·
Published
2026-02-20
·
Updated
2026-02-26
·
CVE-2026-26721
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Key Systems Inc Global Facilities Management Software version 20230721a
Description
A flaw exists that allows a remote attacker to obtain sensitive information. The issue is related to the
sid query parameter. The API endpoint is affected. The vulnerable parameter is sid.Recommendations
Apply any available updates to address the issue. As a temporary workaround, restrict access to the
sid query parameter until a patch is available.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Global Facilities Management