Platform: arcgis
Component: arcgis-server-feature-services
Fixed in: 11.5.1
CVE-2025-57870 is a critical SQL Injection vulnerability in Esri ArcGIS Server Feature Services. The flaw allows a remote, unauthenticated attacker to inject SQL commands, potentially leading to severe data compromise. It affects versions 11.3 through 11.5 running on Windows, Linux, and Kubernetes. Esri is expected to release a patch to address this vulnerability.
The impact of CVE-2025-57870 is substantial because the flaw is easy to exploit and the potential for data compromise is broad. An attacker can use it to execute arbitrary SQL commands against the underlying Enterprise Geodatabase without authenticating, which could expose sensitive geospatial data, including user information, geographic locations, and critical infrastructure details. Attackers could also modify or delete data, disrupting operations and potentially causing significant financial and reputational damage. Because no authentication is required, the attack surface is open to a wide range of threat actors, and arbitrary SQL execution lets them extract, modify, or delete any data the database account can reach. As with other SQL Injection flaws, this can be a stepping stone to privilege escalation and complete control of the affected system.
CVE-2025-57870 was published on 2025-10-22. Its critical CVSS score (10) indicates a high probability of exploitation. As of this writing, no public Proof-of-Concept (POC) code has been released, but the ease of exploitation suggests one is likely to appear. The vulnerability is not currently listed on KEV or EPSS, but its severity warrants close monitoring. Active campaigns targeting ArcGIS Server are possible, given its widespread use across industries.
Exploit status
EPSS: 0.17% (38th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-57870 is to upgrade to a patched version of Esri ArcGIS Server as soon as it becomes available. Until the patch is applied, reduce exposure with temporary workarounds: restrict access to the vulnerable Feature Service operation, enforce strict input validation on all user-supplied data, and place a Web Application Firewall (WAF) in front of the server, configured to block requests containing suspicious SQL syntax. Review ArcGIS Server logs regularly for unusual activity or attempted SQL injection. After upgrading, verify the fix by sending a known malicious SQL payload to the previously vulnerable Feature Service operation and confirming that the request is rejected.
Apply the security patch provided by Esri for ArcGIS Server Feature Services. Upgrade to a version later than 11.5 that contains the fix for the SQL injection vulnerability. See the Esri blog for further details and specific instructions.
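As an added illustration of the log-review advice above (example code written for this page, not Esri's code or part of the advisory), the following Python scanner pulls the `where` clause out of Feature Service `query` requests and flags common SQL-injection markers. The log line format is constructed, and since the advisory does not name the injectable parameter, treating `where` as the field to inspect is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample log (assumption: real ArcGIS Server request logs differ; adapt REQUEST_RE).
SAMPLE_LOG = """\
10.0.0.5 - [22/Oct/2025:10:01:02 +0000] "GET /arcgis/rest/services/Roads/FeatureServer/0/query?where=OBJECTID%3D12&f=json HTTP/1.1" 200
10.0.0.9 - [22/Oct/2025:10:01:05 +0000] "GET /arcgis/rest/services/Roads/FeatureServer/0/query?where=1%3D1%20UNION%20SELECT%20name%2Cpassword%20FROM%20users--&f=json HTTP/1.1" 200
10.0.0.7 - [22/Oct/2025:10:01:09 +0000] "GET /arcgis/rest/services/Roads/FeatureServer/0/query?where=NAME%3D%27Main%27%3B%20DROP%20TABLE%20roads%3B--&f=json HTTP/1.1" 500
10.0.0.8 - [22/Oct/2025:10:01:11 +0000] "GET /arcgis/rest/services/Roads/FeatureServer/0/query?where=OBJECTID%3D1%20OR%201%3D1&f=json HTTP/1.1" 200
10.0.0.5 - [22/Oct/2025:10:01:12 +0000] "GET /arcgis/rest/services/Roads/MapServer/0?f=pjson HTTP/1.1" 200
"""

REQUEST_RE = re.compile(r'^(?P<ip>\S+) \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Markers that do not belong in a legitimate Feature Service where clause.
SUSPICIOUS = [
    ("union-select", re.compile(r"\bunion\b.*\bselect\b", re.I)),
    ("stacked-query", re.compile(r";\s*(drop|delete|insert|update|alter|exec)\b", re.I)),
    ("sql-comment", re.compile(r"(--|/\*|#)")),
    ("tautology", re.compile(r"\b(or|and)\s+(\d+|'[^']*')\s*=\s*\2", re.I)),
]


def feature_service_where(target):
    """Return the decoded where clause of a FeatureServer query request, else None."""
    parts = urlsplit(target)
    if "/FeatureServer/" not in parts.path or not parts.path.endswith("/query"):
        return None
    values = parse_qs(parts.query).get("where")  # parse_qs already URL-decodes
    return values[0] if values else None


def scan_log(text):
    """Return one finding per request whose where clause carries SQL-injection markers."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the expected shape; keep going
        where = feature_service_where(m["target"])
        if where is None:
            continue  # not a Feature Service query, or no where clause present
        reasons = [name for name, rx in SUSPICIOUS if rx.search(where)]
        if reasons:
            findings.append({"ip": m["ip"], "time": m["ts"], "reasons": reasons, "where": where})
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} [{', '.join(f['reasons'])}] where={f['where']!r}")
```

Run against the constructed log it reports three of the five requests; benign queries and non-Feature-Service requests are skipped.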
It is a critical SQL Injection vulnerability in Esri ArcGIS Server Feature Services (versions 11.3 through 11.5) that allows unauthenticated attackers to execute SQL commands.
If you are running ArcGIS Server versions 11.3, 11.4, or 11.5 on Windows, Linux, or Kubernetes, you are potentially affected by this vulnerability.
The recommended fix is to upgrade to a patched version of Esri ArcGIS Server as soon as a patch is released. Implement temporary workarounds until the upgrade is complete.
While no public POC exists yet, the vulnerability's severity and ease of exploitation suggest it is likely to be targeted. Monitor your systems closely.
Refer to the Esri security advisory and the National Vulnerability Database (NVD) entry for CVE-2025-57870 for detailed information and updates.