CVE-2025-21501 is a vulnerability identified in the Oracle MySQL Server product, specifically within the Server Optimizer component. It affects all supported versions up to 8.0.40, 8.4.3, and 9.1.0 and allows an attacker with low privileges and network access to exploit the flaw via multiple protocols. The vulnerability enables the attacker to cause the MySQL Server to hang or crash repeatedly, resulting in a complete denial-of-service (DoS) condition. The CVSS 3.1 base score is 6.5, with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), requiring low privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H) without affecting confidentiality or integrity. The underlying weakness corresponds to CWE-770, which relates to allocation of resources without limits or throttling, leading to resource exhaustion. No public exploits have been reported so far, but the ease of exploitation and network accessibility make this a significant risk. The vulnerability could disrupt database services critical to applications relying on MySQL, causing downtime and impacting business operations. Oracle has not yet published patches at the time of this report, so organizations must monitor for updates and apply them promptly once available.

For European organizations, the primary impact of CVE-2025-21501 is the potential for denial-of-service attacks against MySQL Server instances. This can lead to service outages affecting web applications, internal business systems, and customer-facing platforms that depend on MySQL databases. Such disruptions can result in operational downtime, loss of productivity, and reputational damage. Since the vulnerability does not compromise data confidentiality or integrity, the risk of data breaches is low; however, availability loss can still have severe consequences, especially for sectors requiring high uptime such as finance, healthcare, and e-commerce. Organizations with MySQL servers exposed to untrusted networks or insufficiently segmented internal networks are at higher risk. The ease of exploitation means attackers could automate attacks, increasing the likelihood of widespread disruption. Additionally, the absence of known exploits currently provides a window for proactive mitigation before active exploitation begins.

1. Monitor Oracle’s security advisories closely and apply official patches or updates for MySQL Server as soon as they become available to remediate the vulnerability. 2. Restrict network access to MySQL Server instances by implementing strict firewall rules, allowing only trusted hosts and networks to connect, and disabling unnecessary protocols. 3. Employ network segmentation to isolate database servers from general user networks and the internet to reduce exposure. 4. Implement intrusion detection and prevention systems (IDS/IPS) to monitor for unusual traffic patterns or repeated connection attempts that may indicate exploitation attempts. 5. Regularly review and minimize user privileges on MySQL servers to limit the potential impact of compromised accounts. 6. Conduct routine backups and ensure recovery procedures are tested to mitigate the impact of potential service disruptions. 7. Consider deploying rate limiting or connection throttling mechanisms at the network or application level to reduce the risk of resource exhaustion attacks. 8. Maintain comprehensive logging and monitoring of MySQL server performance and crashes to detect early signs of exploitation.