vulnerability

Microsoft CVE-2025-55227: Microsoft SQL Server Elevation of Privilege Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	Sep 9, 2025	Sep 9, 2025	Sep 29, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Sep 9, 2025

Added

Sep 9, 2025

Modified

Sep 29, 2025

Description

Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

Solutions

msft-kb5065220-129bbb01-b777-488c-b3f5-f3e07015769a-x64msft-kb5065221-3272e77c-28c4-473d-943e-a78277f25d03-x64msft-kb5065222-a73207f2-fdd2-465a-b054-448432ad9fb6-x64msft-kb5065223-b94d931b-272a-4297-8376-7f07638e4be3-x64msft-kb5065224-5807ca50-82dd-4640-98c4-13d3c6e4b06b-x64msft-kb5065225-80dda3f5-7b6d-4376-a64e-c8c88c112035-x64msft-kb5065226-b99518f2-1903-4d83-84e9-846b5e689592-x64

References

CVE-2025-55227
https://attackerkb.com/topics/CVE-2025-55227
MSKB-5065220
MSKB-5065221
MSKB-5065222
MSKB-5065223
MSKB-5065224
MSKB-5065225
MSKB-5065226
MSKB-5065227

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today