CVE-2025-2585
Published: 21 March 2025
Description
Adversaries may leverage databases to mine valuable information.
Security Summary
CVE-2025-2585 is a SQL injection vulnerability (CWE-89) in EBM Maintenance Center from EBM Technologies. Published on 2025-03-21, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to network accessibility, low attack complexity, and low required privileges with high impacts on confidentiality, integrity, and availability.
Remote attackers possessing regular (low) privileges can exploit this vulnerability to inject arbitrary SQL commands, enabling them to read sensitive database contents, modify data, and delete records. The lack of user interaction required and unchanged scope make it straightforward for authenticated users to escalate their access within the application's database.
Mitigation details are provided in advisories from TWCERT/CC, accessible at https://www.twcert.org.tw/en/cp-139-10022-8e28e-2.html and https://www.twcert.org.tw/tw/cp-132-10021-8786e-1.html. Security practitioners should consult these references for patching instructions and workarounds specific to the affected EBM Maintenance Center software.
Details
- CWE(s)
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in network-accessible app directly enables remote exploitation of public-facing application (T1190) and unauthorized access to database contents for collection (T1213.006).