5 matches found
CVE-2025-55227
Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
CVE-2025-55227
Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...
CVE-2025-55227 Microsoft SQL Server Elevation of Privilege Vulnerability
...
CVE-2025-55227
CVE-2025-55227 is an Elevation of Privilege vulnerability in Microsoft SQL Server caused by improper neutralization of special elements in a command (command injection). The CVE entry notes that an authenticated, network-connected attacker can leverage this to elevate privileges. Microsoft adviso...
KB5065225 - Description of the security update for SQL Server 2017 CU31: September 9, 2025
None None...