AI description
CVE-2025-1094 is an SQL injection vulnerability found in PostgreSQL's interactive tool, `psql`, and the `libpq` functions. The vulnerability allows attackers to inject malicious SQL code due to improper handling of escaped characters, specifically invalid UTF-8 characters within the PostgreSQL string escaping routines. This can lead to arbitrary code execution by leveraging `psql`'s ability to run meta-commands, potentially granting attackers control over the underlying operating system. This vulnerability affects PostgreSQL versions prior to 17.3, 16.7, 15.11, 14.16, and 13.19. It was discovered by Rapid7 during their research into CVE-2024-12356, a remote code execution vulnerability in BeyondTrust products. Exploitation of CVE-2024-12356 reportedly required the exploitation of CVE-2025-1094. PostgreSQL users are advised to update to the latest versions to mitigate this vulnerability. The functions affected in the `libpq` library include `PQescapeLiteral()`, `PQescapeIdentifier()`, `PQescapeString()`, and `PQescapeStringConn()`.
- Description
- Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the function result to construct input to psql, the PostgreSQL interactive terminal. Similarly, improper neutralization of quoting syntax in PostgreSQL command line utility programs allows a source of command line arguments to achieve SQL injection when client_encoding is BIG5 and server_encoding is one of EUC_TW or MULE_INTERNAL. Versions before PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19 are affected.
- Source
- f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
- CWE-149
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
⚠️ Vulnerability Alert: PostgreSQL Improper Quoting Vulnerability 📅 Timeline: Disclosure: 2025-01-27, Patch: 2025-02-13 📌 Attribution: Stephen Fewer, Principal Security Researcher, Rapid7 🆔cveId: CVE-2025-1094 📊baseScore: 8.1 📏cvssMetrics:… https://t.co/w7QIeYn41g
@syedaquib77
19 Feb 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1094 (CVSS:8.1, HIGH) is Awaiting Analysis. Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescap..https://t.co/1mEUY8Fznc #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
18 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad zero-day en PostgreSQL (CVE-2025-1094) permite inyecciones SQL, explotada junto a fallo en BeyondTrust (CVE-2024-12356) afectando al Departamento del Tesoro de EE. UU. Se recomienda actualizar a versiones 17.3, 16.7, 15.11, 14.16 y 13.19. https://t.co/qIr3RGmOec
@twuai_
18 Feb 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PostgreSQLのpsqlで重大度の高い脆弱性(CVE-2025-1094) #セキュリティ対策Lab #セキュリティ https://t.co/HonnZd7Jk3
@securityLab_jp
18 Feb 2025
32 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1094 is a critical SQL injection vulnerability discovered by Rapid7 during the CVE-2024-12356 investigation. It allows attackers to execute arbitrary code via PostgreSQL's interactive tool due to improperly escaped input, with a Metasploit exploit module available.
@GrimmAnalyst
18 Feb 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Listo para Metasploit: CVE-2025-1094 SQLi en PostgreSQL expone los sistemas a ataques remotos https://t.co/EWX0GVixVc
@OmarBeltran1098
17 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 High-severity SQL injection vulnerability (CVE-2025-1094) found in PostgreSQL's psql can lead to arbitrary code execution. Affected versions must be updated! 🛡️ #PostgreSQL #SQLInjection #USA link: https://t.co/jFKACRM2if https://t.co/UaPWYMtalM
@TweetThreatNews
17 Feb 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) https://t.co/quzjOVtySp https://t.co/jXUwgd87ZR
@secharvesterx
17 Feb 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #CVE-2025-1094: #PostgreSQL psql SQL Injection https://t.co/NTGhKrxsmz
@UndercodeUpdate
17 Feb 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-1094
@transilienceai
17 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 CVE-2025-1094: PostgreSQL psql SQL injection 🔥PoC:https://t.co/9AV8wm2gRm 🧐Deep Dive :https://t.co/1vt35zgdvI ✅Join Telegram- https://t.co/V3wk76X9Vu 👇Dorks: HUNTER : protocol="postgresql" FOFA : product="PostgreSQL" SHODAN : "port:5432 PostgreSQL"… https://t.co/ZFdbCzah
@wtf_brut
17 Feb 2025
1499 Impressions
3 Retweets
27 Likes
15 Bookmarks
2 Replies
0 Quotes
🚨Alert🚨 CVE-2025-1094: PostgreSQL psql SQL injection 🔥PoC:https://t.co/4I1MuN1xLB 🧐Deep Dive :https://t.co/AcNvV6fE9j 📊 956K+Services are found on the https://t.co/0ggQCk2jvE yearly.
@yunus_huse17549
17 Feb 2025
5 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 CVE Alert: PostgreSQL Improper Input Validation Zero-day Vulnerability Exploited In The Wild🚨 Vulnerability Details: CVE-2025-1094 (CVSS 8.1/10) PostgreSQL Improper Input Validation Vulnerability Impact: A Successful exploit may allows a remote attacker to execute arbitrary
@CyberxtronTech
17 Feb 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Russian hackers are exploiting Microsoft device code authentication in targeted attacks on M365 accounts. Meanwhile, Metasploit now supports CVE-2025-1094, a PostgreSQL SQL injection flaw that exposes systems to remote attacks. 🔗 https://t.co/aTqBBFlR6I #CyberSecurity #Infosec
@adriananglin
17 Feb 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PostgreSQLのpsqlツールにおけるSQLインジェクション脆弱性CVE-2025-1094に対応するMetasploitモジュールが公開された。"!"メタ文字を使用する事で任意コマンドを実行可能。 https://t.co/rAFvXpVMlF
@__kokumoto
17 Feb 2025
1291 Impressions
3 Retweets
19 Likes
8 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-1094: PostgreSQL psql SQL injection 🔥PoC:https://t.co/gyeczN1OSE 🧐Deep Dive :https://t.co/t4df4L1hgi 📊 956K+Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/CoQjRRzFYu 👇Query HUNTER : protocol="postgresql" FOFA :… https:
@HunterMapping
17 Feb 2025
7020 Impressions
51 Retweets
158 Likes
81 Bookmarks
1 Reply
0 Quotes
Metasploit-Ready: CVE-2025-1094 SQLi in #PostgreSQL Exposes Systems to Remote Attacks Explore CVE-2025-1094, a high-severity SQL injection vulnerability in PostgreSQL's psql tool that can execute arbitrary code https://t.co/LU0RNsJv6r
@the_yellow_fall
17 Feb 2025
405 Impressions
2 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-1094: PostgreSQL Quoting APIs Miss Neutralizing Quoting Syntax in Text That Fails Encoding Validation ⚠️This flaw allows attackers to inject malicious data into some of the REST API endpoints’ query parameters. ZoomEye Dork👉app="PostgreSQL DB" 3.6m+ results are… ht
@zoomeye_team
16 Feb 2025
1104 Impressions
8 Retweets
16 Likes
10 Bookmarks
0 Replies
0 Quotes
آسیب پذیری SQLi در PostgreSQL در این پست آسیب پذیری CVE-2025-1094 در PostgreSQL و ارتباط اون با هک #BeyondTrust و چندین سازمان و آژانس آمریکایی رو بررسی کردیم. https://t.co/w7IcIsaDPM #آسیب_پذیری_امنیتی #بازیگران_تهدید #PostgreSQL #CVE #APT #SaltTyphoon #sqlinjection
@onhexgroup
16 Feb 2025
55 Impressions
0 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 Vulnerabilidad crítica en PostgreSQL con inyección SQL ⚠️ CVE-2025-1094 https://t.co/ZfYhyEkemF https://t.co/8pXmmP6rh8
@elhackernet
15 Feb 2025
8800 Impressions
58 Retweets
170 Likes
48 Bookmarks
1 Reply
0 Quotes
🚨 A significant breach at BeyondTrust exploited critical PostgreSQL vulnerabilities (CVE-2024-12356, CVE-2025-1094), compromising U.S. Treasury systems. Linked to Chinese state-backed hackers. ⚠️ #China #BeyondTrust #APIvulnerability link: https://t.co/qOW8jUtxDn https://t.co/A
@TweetThreatNews
15 Feb 2025
49 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری CVE-2025-1094 در PostgreSQL اکسپلویت شد! #Cyber_Security_News #اخبار_امنیت_سایبری #PostgreSQL #CVE_2024_12356 #CVE_2025_1094 https://t.co/lcqTSoLMkm
@vulnerbyte
15 Feb 2025
34 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1094 impacts PostgreSQL with SQL injection #PostgreSQL #CVE-2025-1094 https://t.co/KqrWnycBKW
@pravin_karthik
15 Feb 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PostgreSQL & BeyondTrust Zero-Day Exploited in Targeted Attacks! Hackers abused a PostgreSQL flaw (CVE-2025-1094, CVSS 8.1) & a BeyondTrust zero-day for unauth RCE. ⚠️ PostgreSQL patched it—update now! CISA mandates fixes for SimpleHelp CVE-2024-57727 by March 6.… https
@dCypherIO
14 Feb 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A nova vulnerabilidade CVE-2025-1094 no PostgreSQL revelada! Com um CVSS de 8.1, ela permite injeções SQL que podem mexer até com o shell do SO! 🐍💻 Você está usando versões seguras? Confira se sua instalação foi atualizada para evitar surpresas. #IncursioHack
@IncursioHack
14 Feb 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🔒 Urgent Security Update: A new SQL injection flaw in PostgreSQL (CVE-2025-1094) has been exploited alongside a BeyondTrust zero-day 🛡️💻 Read our advice: https://t.co/32LYpZP572 or try https://t.co/4KsrhURxeA today and register for free #CyberSecurity #PostgreSQL #InfoSec
@BaseFortify
14 Feb 2025
38 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1094: Improper Neutralization of Quoting Syntax in PostgreSQL functions, 8.1 rating❗️ A vulnerability in some functions of the libpq library allows SQL injection. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/pQY8hOIqew #cybersecurity #vulnerability_map htt
@Netlas_io
14 Feb 2025
39 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1094: vulnerabilità SQL injection in PostgreSQL psql risolta Sicurezza Informatica, CVE-2025-1094, cybersecurity, database, exploit, PostgreSQL, PostgreSQL aggiornamento sicurezza, psql, Rapid7, sql, SQL injection, vulnerabilità https://t.co/IBa7qiND6C https://t.co/aHIJx
@matricedigitale
14 Feb 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recent findings reveal a PostgreSQL vulnerability (CVE-2025-1094) exploited alongside a BeyondTrust zero-day. Updates are critical for security. ⚠️ #PostgreSQL #BeyondTrust #USA link: https://t.co/199MhDDOCk https://t.co/Zrh61EJGaV
@TweetThreatNews
14 Feb 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 A newly discovered SQL injection flaw (CVE-2025-1094) in PostgreSQL can lead to arbitrary code execution, exploiting the psql tool’s meta-commands. This vulnerability links to another zero-day exploit in BeyondTrust products, revealing a serious interconnected risk. 🛡️
@eilonh1
14 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
⚠️ Vulnerability Alert: PostgreSQL Zero-Day Vulnerability 📅 Timeline: Disclosure: 2025-01-29, Patch: 2025-02-13 📌 Attribution: Rapid7 📝 Detailed Summary: CVE-2025-1094 is a high-severity SQL injection vulnerability affecting PostgreSQL's psql tool. It arises due to incorrect
@syedaquib77
14 Feb 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A new PostgreSQL zero-day vulnerability (CVE-2025-1094) poses significant risks, linked to BeyondTrust exploitation and attacks on the US Treasury. Patches released for urgent attention. 🛡️ #PostgreSQL #BeyondTrust #USA link: https://t.co/c11jGFG6kb https://t.co/OI1YoIFm8v
@TweetThreatNews
13 Feb 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Rapid7がPostgreSQLのゼロデイ(CVE-2025-1094)を発見。BeyondTrust製品の攻撃に悪用され、米財務省も被害。緊急パッチが公開。 https://t.co/7qX6x9LFQZ
@01ra66it
13 Feb 2025
413 Impressions
0 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 Analysis of #PostgreSQL Zero-Day Vulnerability #CVE-2025-1094 and Its Connection to BeyondTrust #CVE-2024-12356 https://t.co/AWS4Gdm0lT
@UndercodeUpdate
13 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Our @metasploit exploit module for unauthenticated RCE against BeyondTrust Privileged Remote Access & Remote Support is now available. The exploit can either leverage CVE-2024-12356 and CVE-2025-1094 together, or solely leverage CVE-2025-1094 for RCE: https://t.co/iXW6RsSsDe
@stephenfewer
13 Feb 2025
5092 Impressions
21 Retweets
67 Likes
20 Bookmarks
1 Reply
1 Quote
Today @rapid7 has disclosed CVE-2025-1094, a new PostgreSQL SQLi vuln we discovered while researching CVE-2024-12356 in BeyondTrust Remote Support. Untrusted inputs that have been safely character escaped could still generate SQLi under certain conditions: https://t.co/pfCTejv5oO
@stephenfewer
13 Feb 2025
7909 Impressions
37 Retweets
80 Likes
20 Bookmarks
3 Replies
1 Quote
New Rapid7 vuln disclosure c/o @stephenfewer: CVE-2025-1094 is a SQL injection flaw in PostgreSQL's psql interactive tool that was discovered while analyzing BeyondTrust RS CVE-2024-12356. The bug is interesting — 🧵on its relation to BeyondTrust https://t.co/h4nuEGSGw5
@catc0n
13 Feb 2025
4971 Impressions
17 Retweets
41 Likes
17 Bookmarks
1 Reply
1 Quote