CVE-2025-24999

HIGH

Microsoft SQL Server 2016-2022 Privilege Escalation via Improper Access Control

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-24999. PoCs published by emad-almousa.

AI-analyzed exploit summary The repository references a blog post detailing a privilege escalation vulnerability in Microsoft SQL Server via the ms_databasemanager role. No exploit code is present, but the linked writeup likely contains technical analysis.

Description

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

Exploits (1)

nomisec WRITEUP

by emad-almousa · poc

https://github.com/emad-almousa/CVE-2025-24999

View Code ZIP pw:eip

The repository references a blog post detailing a privilege escalation vulnerability in Microsoft SQL Server via the ms_databasemanager role. No exploit code is present, but the linked writeup likely contains technical analysis.

Classification

Writeup 80%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft SQL Server

Auth required

Prerequisites: Valid SQL Server credentials · Access to a database with ms_databasemanager role

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Apr 09, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24999

Scores

CVSS v3 8.8

EPSS 0.0152

EPSS Percentile 71.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-284

Status published

Products (4)

microsoft/sql_server_2016 13.0.6300.2 - 13.0.6465.1

microsoft/sql_server_2017 14.0.1000.169 - 14.0.2080.1

microsoft/sql_server_2019 15.0.2000.5 - 15.0.2140.1

microsoft/sql_server_2022 16.0.1000.6 - 16.0.1145.1

Published Aug 12, 2025

Tracked Since Feb 18, 2026