Cybersecurity researchers from Rapid7 have uncovered a link between the threat actors who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 and a previously unreported SQL injection flaw in PostgreSQL. The newly identified vulnerability, designated CVE-2025-1094, has been assigned a CVSS score of 8.1 and primarily affects PostgreSQL's interactive terminal tool, psql.
Security researcher Stephen Fewer stated that an attacker able to perform SQL injection via CVE-2025-1094 could achieve arbitrary code execution (ACE), because psql lets users run meta-commands alongside SQL. That turns an injection into psql into a foothold on the host where the vulnerable tool is running.
Rapid7's finding emerged while analyzing CVE-2024-12356, a recently fixed security flaw in BeyondTrust software that permits unauthenticated remote code execution. Notably, successful exploitation of CVE-2024-12356 appears to have required exploitation of CVE-2025-1094 as well, making the two a chained attack rather than two isolated bugs.
PostgreSQL maintainers have released updates that fix the problem. The patched releases are PostgreSQL 17.3, 16.7, 15.11, 14.16, and 13.19; earlier releases on each of those branches remain affected.
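Because the fix ships as a minor release on each supported branch, a defender needs to compare the installed psql build against the branch-specific fixed version rather than look for a single number. The following checker is an added example (not code from the article, Rapid7 or the PostgreSQL project); it parses `psql --version` and `SELECT version()` strings against the fixed releases listed above, and the inventory it runs over is a constructed sample.

```python
import re

# Added example (not from the article or the PostgreSQL project): checks
# psql / server version strings against the fixed releases the article
# lists for CVE-2025-1094. Version strings below are constructed samples.

# First release of each supported branch that carries the fix, per the article.
FIXED_MINOR = {17: 3, 16: 7, 15: 11, 14: 16, 13: 19}

# Matches "psql (PostgreSQL) 16.5" and "PostgreSQL 17.2 on x86_64-...".
VERSION_RE = re.compile(r"PostgreSQL\)?\s+(\d+)\.(\d+)")


def parse_version(text: str):
    """Return (major, minor) from a psql --version or SELECT version() string,
    or None when no numeric major.minor is present (e.g. beta builds)."""
    m = VERSION_RE.search(text)
    return (int(m.group(1)), int(m.group(2))) if m else None


def assess(text: str) -> str:
    """Classify one version string: patched, vulnerable, unlisted or unknown.
    'unlisted' means the major branch is not among those the advisory lists
    and needs a manual decision; it is not a pass."""
    v = parse_version(text)
    if v is None:
        return "unknown"
    major, minor = v
    if major not in FIXED_MINOR:
        return "unlisted"
    return "patched" if minor >= FIXED_MINOR[major] else "vulnerable"


def fleet_report(inventory: str) -> dict:
    """Parse 'host<TAB>version string' lines into {host: status}.
    The client tool psql is the affected component, so inventories should
    record the psql build on each host, not only the server version."""
    report = {}
    for line in inventory.strip().splitlines():
        host, _, ver = line.partition("\t")
        report[host.strip()] = assess(ver)
    return report


# Constructed sample inventory for demonstration.
SAMPLE_INVENTORY = """\
bastion-1\tpsql (PostgreSQL) 16.5
bastion-2\tpsql (PostgreSQL) 16.7 (Debian 16.7-1.pgdg120+1)
db-primary\tPostgreSQL 17.3 on x86_64-pc-linux-gnu, compiled by gcc
legacy-box\tpsql (PostgreSQL) 12.20
"""

if __name__ == "__main__":
    for host, status in fleet_report(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unlisted` run a branch the advisory does not name and should be reviewed by hand rather than treated as safe.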
The vulnerability stems from PostgreSQL's handling of invalid UTF-8 characters, which makes SQL injection possible and lets an attacker reach psql's "\!" meta-command, a shortcut that executes shell commands. Any environment that feeds untrusted input into psql is exposed, which is why prompt patching matters.
Fewer elaborated on the potential ramifications, stating that attackers can exploit CVE-2025-1094 to execute shell commands or arbitrary SQL statements of their choosing. The flaw therefore makes an attractive target for cybercriminals seeking broader access into systems that rely on PostgreSQL.