Impact
The flaw originates from an improper sanitization of special characters in SQL statements, enabling a form of SQL injection. An authenticated user able to submit arbitrary SQL can use this weakness to raise their privileges within the database server. The injection bypasses normal boundaries, allowing the attacker to execute commands beyond the intended scope and threatening the confidentiality, integrity, and availability of the database.
Affected Systems
Affected products are Microsoft SQL Server 2025 CU 2 and Microsoft SQL Server 2025 for x64‑based systems (GDR). The vendor advisory references only these releases, even though the CPE data includes earlier SQL Server editions. Therefore only SQL Server 2025 variants are confirmed to be exploitable; other versions may not be impacted without further evidence.
Risk and Exploitability
The CVSS score of 8.8 indicates high severity, while the EPSS score of 1% signals a low likelihood of exploitation in the short term. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires an authenticated database user with permission to execute SQL commands, typically over the network. After delivering a crafted statement, the attacker can increase their privileges, and monitoring of database activity can mitigate the risk.
OpenCVE Enrichment