PT-2025-42130 · Microsoft · Odbc Driver For Sql Server

Published

2025-10-14

Updated

2026-05-18

CVE-2025-59250

CVSS v2.0

9.4

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions JDBC Driver for SQL Server (affected versions not specified)

Description An improper input validation issue exists in the JDBC Driver for SQL Server. This allows an unauthorized attacker to perform spoofing attacks over a network. The issue potentially enables attackers to impersonate legitimate entities or inject malicious data into SQL Server operations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-13077

CLEANSTART-2026-PO27799

CLEANSTART-2026-TZ04509

CLEANSTART-2026-VJ37814

CVE-2025-59250

ECHO-D399-BABC-BF30

GHSA-M494-W24Q-6F7W

Affected Products

Odbc Driver For Sql Server

PT-2025-42130 · Microsoft · Odbc Driver For Sql Server

CVE-2025-59250

Weakness Enumeration

Related Identifiers

Affected Products

References · 96