CVE-2025-55227 - Vulnerability Details - OpenCVE

Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact total

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55227

History

Tue, 09 Sep 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 09 Sep 2025 17:15:00 +0000

Type	Values Removed	Values Added
Description		Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Title		Microsoft SQL Server Elevation of Privilege Vulnerability
Weaknesses		CWE-77
References		https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55227
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C'}`

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2025-09-09T17:01:32.118Z

Updated: 2025-09-09T22:39:30.337Z

Reserved: 2025-08-11T20:26:16.631Z

Link: CVE-2025-55227

Vulnrichment

Updated: 2025-09-09T17:18:29.991Z

NVD

Status : Received

Published: 2025-09-09T17:16:05.900

Modified: 2025-09-09T17:16:05.900

Link: CVE-2025-55227

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-55227", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2025-08-11T20:26:16.631Z", "datePublished": "2025-09-09T17:01:32.118Z", "dateUpdated": "2025-09-09T22:39:30.337Z"}, "containers": {"cna": {"title": "Microsoft SQL Server Elevation of Privilege Vulnerability", "datePublic": "2025-09-09T07:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "versionStartIncluding": "14.0.0", "versionEndExcluding": "14.0.2085.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "versionStartIncluding": "15.0.0", "versionEndExcluding": "15.0.2145.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "versionStartIncluding": "13.0.0", "versionEndExcluding": "13.0.6470.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "versionStartIncluding": "13.0.0", "versionEndExcluding": "13.0.7065.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "versionStartIncluding": "14.0.0", "versionEndExcluding": "14.0.3505.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "versionStartIncluding": "16.0.0", "versionEndExcluding": "16.0.1150.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "versionStartIncluding": "15.0.0.0", "versionEndExcluding": "15.0.4445.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "versionStartIncluding": "16.0.0.0", "versionEndExcluding": "16.0.4212.1"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "14.0.0", "lessThan": "14.0.2085.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "15.0.0", "lessThan": "15.0.2145.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "13.0.0", "lessThan": "13.0.6470.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "platforms": ["x64-based Systems"], "versions": [{"version": "13.0.0", "lessThan": "13.0.7065.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (CU 31)", "platforms": ["x64-based Systems"], "versions": [{"version": "14.0.0", "lessThan": "14.0.3505.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (GDR)", "platforms": ["x64-based Systems"], "versions": [{"version": "16.0.0", "lessThan": "16.0.1150.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (CU 32)", "platforms": ["x64-based Systems"], "versions": [{"version": "15.0.0.0", "lessThan": "15.0.4445.1", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (CU 20)", "platforms": ["x64-based Systems"], "versions": [{"version": "16.0.0.0", "lessThan": "16.0.4212.1", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en-US", "type": "CWE", "cweId": "CWE-77"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-09-09T22:39:30.337Z"}, "references": [{"name": "Microsoft SQL Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55227"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-09T17:18:25.477767Z", "id": "CVE-2025-55227", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-09T17:18:34.691Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-55227", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-09-09T17:18:25.477767Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-09T17:18:29.991Z"}}], "cna": {"title": "Microsoft SQL Server Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (GDR)", "versions": [{"status": "affected", "version": "14.0.0", "lessThan": "14.0.2085.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (GDR)", "versions": [{"status": "affected", "version": "15.0.0", "lessThan": "15.0.2145.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", "versions": [{"status": "affected", "version": "13.0.0", "lessThan": "13.0.6470.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "versions": [{"status": "affected", "version": "13.0.0", "lessThan": "13.0.7065.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2017 (CU 31)", "versions": [{"status": "affected", "version": "14.0.0", "lessThan": "14.0.3505.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (GDR)", "versions": [{"status": "affected", "version": "16.0.0", "lessThan": "16.0.1150.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2019 (CU 32)", "versions": [{"status": "affected", "version": "15.0.0.0", "lessThan": "15.0.4445.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}, {"vendor": "Microsoft", "product": "Microsoft SQL Server 2022 (CU 20)", "versions": [{"status": "affected", "version": "16.0.0.0", "lessThan": "16.0.4212.1", "versionType": "custom"}], "platforms": ["x64-based Systems"]}], "datePublic": "2025-09-09T07:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55227", "name": "Microsoft SQL Server Elevation of Privilege Vulnerability", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en-US", "value": "Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "14.0.2085.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "15.0.2145.1", "versionStartIncluding": "15.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "13.0.6470.1", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2016:*:sp3:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "13.0.7065.1", "versionStartIncluding": "13.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2017:*:-:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "14.0.3505.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "16.0.1150.1", "versionStartIncluding": "16.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "15.0.4445.1", "versionStartIncluding": "15.0.0.0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "vulnerable": true, "versionEndExcluding": "16.0.4212.1", "versionStartIncluding": "16.0.0.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2025-09-09T17:01:32.118Z"}}}, "cveMetadata": {"cveId": "CVE-2025-55227", "state": "PUBLISHED", "dateUpdated": "2025-09-09T17:18:34.691Z", "dateReserved": "2025-08-11T20:26:16.631Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2025-09-09T17:01:32.118Z", "assignerShortName": "microsoft"}, "dataVersion": "5.1"}