CVE-2025-30061: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in CGM CGM CLININET
In the "utils/Reporter/OpenReportWindow.pl" service, there is an SQL injection vulnerability through the "UserID" parameter.
AI Analysis
Technical Summary
CVE-2025-30061 is an SQL injection vulnerability in CGM CLININET, a clinical information system used in healthcare environments, located in the "utils/Reporter/OpenReportWindow.pl" service. The "UserID" parameter is incorporated into an SQL statement without proper neutralization of special elements (CWE-89): it is neither validated against an expected identifier format nor passed as a bound parameter of a prepared statement, so whoever controls that parameter can change the structure of the query the script runs. The CVSS 4.0 base score is 6.9 (medium). The vector reflects an adjacent-network attack vector (AV:A), meaning the attacker must reach the service from a logically adjacent network position rather than from anywhere on the Internet; low attack complexity (AC:L); low privileges required (PR:L), i.e. an authenticated but otherwise unprivileged account suffices; no user interaction (UI:N); and high impact on confidentiality (VC:H) with no impact on integrity or availability (VI:N, VA:N). In practice the reachable data depends on the privileges of the database account the script connects with: with read access to the clinical database, injection through "UserID" can disclose records well beyond the report the caller is entitled to open. The CVE record lists the affected version only as "0", so the precise affected releases must be confirmed with the vendor. No exploits are known in the wild at the time of writing, but SQL injection is well understood and quick to weaponize once the parameter is identified, and exploitation here would expose sensitive patient data.
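The injection pattern described above, as an added example that is not code from CGM CLININET (the real OpenReportWindow.pl is a Perl script whose source is not public). The table and column names, the sample rows and the shape of the query are assumptions constructed for this demonstration; the example runs against an in-memory SQLite database so the effect of the two payloads can be seen directly.

```python
# Added example (not code from CGM CLININET): the CWE-89 pattern the advisory
# describes, shown against an in-memory SQLite database. The real service is a
# Perl script whose source is not public; table names, column names and rows
# below are constructed for this demonstration, and the query shape is an
# assumption about how "UserID" reaches the SQL statement.
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample data: application users plus a patient table that
    the report window should never expose through the UserID parameter."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (UserID TEXT PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("u100", "Anna", "clinician"), ("u200", "Bernd", "admin")],
    )
    conn.execute("CREATE TABLE patients (id INTEGER PRIMARY KEY, name TEXT, diagnosis TEXT)")
    conn.executemany(
        "INSERT INTO patients VALUES (?, ?, ?)",
        [(1, "Patient One", "diag-A"), (2, "Patient Two", "diag-B")],
    )
    conn.commit()
    return conn


def open_report_vulnerable(conn: sqlite3.Connection, user_id: str) -> list:
    """Assumed vulnerable shape: UserID is pasted into the SQL text, so quote
    characters in the value change the structure of the statement (CWE-89)."""
    sql = f"SELECT UserID, name, role FROM users WHERE UserID = '{user_id}'"
    return conn.execute(sql).fetchall()


def open_report_fixed(conn: sqlite3.Connection, user_id: str) -> list:
    """Hardened form: the value is bound as a parameter, so it is only ever
    compared as data and cannot add clauses or UNIONs to the query."""
    sql = "SELECT UserID, name, role FROM users WHERE UserID = ?"
    return conn.execute(sql, (user_id,)).fetchall()


# Two payloads a tester would try first against a quoted string parameter.
TAUTOLOGY = "u100' OR '1'='1"  # turns the WHERE clause into "always true"
UNION_EXFIL = "x' UNION SELECT id, name, diagnosis FROM patients WHERE '1'='1"  # reads another table


if __name__ == "__main__":
    db = build_db()
    for payload in ("u100", TAUTOLOGY, UNION_EXFIL):
        print(f"UserID={payload!r}")
        print("  vulnerable:", open_report_vulnerable(db, payload))
        print("  fixed:     ", open_report_fixed(db, payload))
```

Run stand-alone, the script shows the tautology payload returning every users row and the UNION payload returning the two patient rows from the vulnerable function, while the bound-parameter version returns nothing for either: with a placeholder the whole string is compared against the UserID column as data, which is the fix the mitigation section asks the vendor for. A format allowlist on UserID is worthwhile defence in depth but is not a substitute for binding.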
Potential Impact
For European healthcare providers running CGM CLININET, the risk is to the confidentiality of patient data. Exploitation could let an attacker read medical records through the report window's database access, which is a breach of special-category health data under GDPR, with notification duties, possible fines and reputational damage. The medium base score understates the business impact: the rating counts only confidentiality, but the data held in a clinical information system is among the most sensitive an organization processes. Disclosure, and the incident response that follows it, can also disrupt clinical workflows and patient care. Because the flaw needs only low privileges and no user interaction, but does require adjacent-network access, the realistic attackers are insiders, compromised clinical workstations and anyone holding a stolen low-privilege account on the hospital network, not anonymous Internet users. The absence of known public exploits gives defenders a window to mitigate before the parameter is targeted.
Mitigation Recommendations
To mitigate this vulnerability, European healthcare organizations should prioritize the following actions:
1) Apply the vendor's fix as soon as it is available. No patch link is listed in the record at the time of writing, so ask CGM directly which releases are affected and which contain the fix, and track the advisory for updates.
2) The code-level fix belongs to the vendor: "UserID" must be passed to the database as a bound parameter of a prepared statement rather than interpolated into the SQL text, with validation against the expected identifier format as defence in depth. Ask CGM to confirm that the fix takes this form rather than relying on escaping or a keyword blocklist.
3) Until the fix is deployed, restrict access to "utils/Reporter/OpenReportWindow.pl" to the internal networks and authenticated users that need it, and where the web tier sits behind a reverse proxy or WAF, reject requests whose "UserID" value contains quote characters, comment sequences or SQL keywords (a compensating control, not a substitute for the vendor fix).
4) Monitor web-server and application logs for requests to that script with malformed "UserID" values, and database logs for syntax errors or unexpected queries from the CLININET service account; a burst of HTTP 500 responses from this script is itself a signal.
5) Include this service in regular security assessments and penetration tests of clinical systems, with SQL injection in focus.
6) Enforce strong authentication and session management on the CLININET web interface, since a low-privilege account is all the attacker needs.
7) Brief IT and security staff on this specific vulnerability and its impact so that indicators from step 4 are acted on quickly.
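A log check for the monitoring step, as an added example that is not part of the advisory or of the CGM product. The log lines are constructed in Apache combined format for this demonstration, and the allowlisted shape of a legitimate "UserID" is an assumption, since the real identifier format is not public.

```python
# Added example (not part of the advisory or of CGM CLININET): scans web-server
# access logs for injection attempts against the UserID parameter of
# OpenReportWindow.pl. The log lines are constructed in Apache combined format;
# the allowlisted UserID shape is an assumption, since the real identifier
# format is not public.
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

TARGET_PATH = "/utils/Reporter/OpenReportWindow.pl"

# Assumed legitimate shape of a UserID; adjust to the deployment's real format.
USERID_OK = re.compile(r"^[A-Za-z0-9_-]{1,32}$")

# Metacharacters and keywords that have no business in an identifier; used only
# to annotate a finding, the allowlist above is the actual decision.
SQLI_HINTS = re.compile(
    r"'|--|/\*|;|\b(?:union|select|or|and|sleep|benchmark|waitfor)\b",
    re.IGNORECASE,
)

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample traffic, not real logs: one benign request, a tautology
# payload, a double-encoded UNION payload, an unrelated script, another benign request.
SAMPLE_LOG = """\
10.0.5.21 - anna [27/Aug/2025:10:31:02 +0200] "GET /utils/Reporter/OpenReportWindow.pl?UserID=u100 HTTP/1.1" 200 4123
10.0.5.44 - bernd [27/Aug/2025:10:31:09 +0200] "GET /utils/Reporter/OpenReportWindow.pl?UserID=u100%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9870
10.0.5.44 - bernd [27/Aug/2025:10:31:15 +0200] "GET /utils/Reporter/OpenReportWindow.pl?UserID=x%2527%20UNION%20SELECT%20id%2Cname%2Cdiagnosis%20FROM%20patients HTTP/1.1" 500 312
10.0.5.21 - anna [27/Aug/2025:10:32:40 +0200] "GET /utils/Reporter/ListReports.pl HTTP/1.1" 200 2210
10.0.5.44 - bernd [27/Aug/2025:10:33:01 +0200] "GET /utils/Reporter/OpenReportWindow.pl?UserID=u200 HTTP/1.1" 200 4001
"""


def find_sqli_attempts(log_text: str) -> list:
    """Return one finding per request to the report script whose UserID fails
    the allowlist, with the decoded value and the SQL fragments that matched."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if parts.path != TARGET_PATH:
            continue
        # parse_qs decodes one layer of percent-encoding; a second unquote_plus
        # catches the common double-encoding trick (%2527 -> %27 -> ').
        for raw in parse_qs(parts.query, keep_blank_values=True).get("UserID", []):
            value = unquote_plus(raw)
            if USERID_OK.match(value):
                continue
            findings.append({
                "ip": m.group("ip"),
                "user": m.group("user"),
                "ts": m.group("ts"),
                "status": m.group("status"),
                "user_id": value,
                "hints": sorted({h.lower() for h in SQLI_HINTS.findall(value)}),
            })
    return findings


if __name__ == "__main__":
    for f in find_sqli_attempts(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} user={f['user']} status={f['status']} "
              f"UserID={f['user_id']!r} hints={f['hints']}")
```

Two caveats when using this on a real deployment: web-server access logs only carry parameters sent in the query string, so if the report window submits "UserID" in a POST body the check has to run on application, reverse-proxy or WAF logs that record request bodies; and the allowlist failure is the decision, the keyword list only helps triage, so a request that fails the allowlist and is followed by an HTTP 500 from this script deserves attention even if no keyword matched.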
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Belgium, Switzerland
Technical Details
- Data Version: 5.1
- Assigner Short Name: CERT-PL
- Date Reserved: 2025-03-14T14:55:39.571Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 68aeded4ad5a09ad006111be
Added to database: 8/27/2025, 10:32:52 AM
Last enriched: 8/27/2025, 10:49:32 AM
Last updated: 8/27/2025, 3:10:22 PM
Related Threats
- CVE-2025-34523: CWE-122 Heap-based Buffer Overflow in Arcserve Unified Data Protection (UDP) (Critical)
- CVE-2025-34522: CWE-122 Heap-based Buffer Overflow in Arcserve Unified Data Protection (UDP) (Critical)
- CVE-2025-34521: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Arcserve Unified Data Protection (UDP) (Medium)
- CVE-2025-34520: CWE-288 Authentication Bypass Using an Alternate Path or Channel in Arcserve Unified Data Protection (UDP) (High)
- CVE-2025-34163: CWE-434 Unrestricted Upload of File with Dangerous Type in Qingdao Dongsheng Weiye Software Co., Ltd. Dongsheng Logistics Software (Critical)