CVE-2025-50086: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. in Oracle Corporation MySQL Server
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
AI Analysis
Technical Summary
CVE-2025-50086 is a vulnerability identified in Oracle Corporation's MySQL Server affecting multiple supported versions, specifically 8.0.0 through 8.0.42, 8.4.0 through 8.4.5, and 9.0.0 through 9.3.0. The vulnerability resides in the Server: Components Services component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to exploit the flaw without requiring user interaction. The vulnerability enables the attacker to cause a denial-of-service (DoS) condition by hanging or repeatedly crashing the MySQL Server, resulting in complete service unavailability. The CVSS 3.1 base score is 4.9, indicating a medium severity primarily due to its impact on availability. The attack vector is network-based (AV:N), with low attack complexity (AC:L), but requires high privileges (PR:H) and no user interaction (UI:N). The scope remains unchanged (S:U), and there is no impact on confidentiality or integrity (C:N/I:N), only availability (A:H). The underlying weakness corresponds to CWE-863, which relates to improper authorization. No known exploits are currently reported in the wild, and no patches have been linked yet. This vulnerability is easily exploitable by attackers who already have high privileges and network access, making it a significant risk for environments where MySQL Server is exposed to such users. The ability to cause repeated crashes or hangs can disrupt critical database services, impacting dependent applications and business operations.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to the availability of MySQL Server instances. Many enterprises across Europe rely on MySQL for critical applications, including e-commerce platforms, financial services, public sector databases, and telecommunications. A successful exploitation could lead to service outages, disrupting business continuity and potentially causing financial losses and reputational damage. Since the vulnerability requires high privileges, the threat is more significant in environments where internal users or compromised accounts have elevated access to MySQL servers. Network exposure of MySQL services increases risk, especially in multi-tenant cloud environments or poorly segmented networks. The lack of impact on confidentiality and integrity reduces the risk of data breaches but does not diminish the operational disruption caused by denial-of-service conditions. Additionally, organizations subject to strict regulatory requirements such as GDPR must consider the operational risks and potential non-compliance arising from service unavailability.
Mitigation Recommendations
1. Restrict network access to MySQL Server instances to trusted hosts and networks only, using firewalls and network segmentation to minimize exposure. 2. Enforce the principle of least privilege rigorously, ensuring that only necessary users have high privileges on MySQL servers. 3. Monitor and audit privileged user activities to detect anomalous behavior that could indicate exploitation attempts. 4. Implement robust authentication and access controls, including multi-factor authentication for administrative accounts. 5. Regularly update and patch MySQL Server as soon as Oracle releases a fix for this vulnerability; monitor Oracle security advisories closely. 6. Employ failover and redundancy mechanisms for MySQL services to minimize downtime in case of crashes. 7. Use intrusion detection and prevention systems (IDS/IPS) to identify and block suspicious network traffic targeting MySQL protocols. 8. Conduct penetration testing and vulnerability assessments focusing on MySQL Server configurations and access controls to identify and remediate weaknesses proactively.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Poland
CVE-2025-50086: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. in Oracle Corporation MySQL Server
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
AI-Powered Analysis
Technical Analysis
CVE-2025-50086 is a vulnerability identified in Oracle Corporation's MySQL Server affecting multiple supported versions, specifically 8.0.0 through 8.0.42, 8.4.0 through 8.4.5, and 9.0.0 through 9.3.0. The vulnerability resides in the Server: Components Services component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to exploit the flaw without requiring user interaction. The vulnerability enables the attacker to cause a denial-of-service (DoS) condition by hanging or repeatedly crashing the MySQL Server, resulting in complete service unavailability. The CVSS 3.1 base score is 4.9, indicating a medium severity primarily due to its impact on availability. The attack vector is network-based (AV:N), with low attack complexity (AC:L), but requires high privileges (PR:H) and no user interaction (UI:N). The scope remains unchanged (S:U), and there is no impact on confidentiality or integrity (C:N/I:N), only availability (A:H). The underlying weakness corresponds to CWE-863, which relates to improper authorization. No known exploits are currently reported in the wild, and no patches have been linked yet. This vulnerability is easily exploitable by attackers who already have high privileges and network access, making it a significant risk for environments where MySQL Server is exposed to such users. The ability to cause repeated crashes or hangs can disrupt critical database services, impacting dependent applications and business operations.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to the availability of MySQL Server instances. Many enterprises across Europe rely on MySQL for critical applications, including e-commerce platforms, financial services, public sector databases, and telecommunications. A successful exploitation could lead to service outages, disrupting business continuity and potentially causing financial losses and reputational damage. Since the vulnerability requires high privileges, the threat is more significant in environments where internal users or compromised accounts have elevated access to MySQL servers. Network exposure of MySQL services increases risk, especially in multi-tenant cloud environments or poorly segmented networks. The lack of impact on confidentiality and integrity reduces the risk of data breaches but does not diminish the operational disruption caused by denial-of-service conditions. Additionally, organizations subject to strict regulatory requirements such as GDPR must consider the operational risks and potential non-compliance arising from service unavailability.
Mitigation Recommendations
1. Restrict network access to MySQL Server instances to trusted hosts and networks only, using firewalls and network segmentation to minimize exposure. 2. Enforce the principle of least privilege rigorously, ensuring that only necessary users have high privileges on MySQL servers. 3. Monitor and audit privileged user activities to detect anomalous behavior that could indicate exploitation attempts. 4. Implement robust authentication and access controls, including multi-factor authentication for administrative accounts. 5. Regularly update and patch MySQL Server as soon as Oracle releases a fix for this vulnerability; monitor Oracle security advisories closely. 6. Employ failover and redundancy mechanisms for MySQL services to minimize downtime in case of crashes. 7. Use intrusion detection and prevention systems (IDS/IPS) to identify and block suspicious network traffic targeting MySQL protocols. 8. Conduct penetration testing and vulnerability assessments focusing on MySQL Server configurations and access controls to identify and remediate weaknesses proactively.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- oracle
- Date Reserved
- 2025-06-11T22:56:56.111Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 6876b00ba83201eaacd04478
Added to database: 7/15/2025, 7:46:19 PM
Last enriched: 7/22/2025, 8:42:13 PM
Last updated: 8/15/2025, 7:31:04 AM
Views: 10
Related Threats
CVE-2025-9099: Unrestricted Upload in Acrel Environmental Monitoring Cloud Platform
MediumCVE-2025-9098: Improper Export of Android Application Components in Elseplus File Recovery App
MediumCVE-2025-31715: CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') in Unisoc (Shanghai) Technologies Co., Ltd. SL8521E/SL8521ET/ SL8541E/UIS8141E/UWS6137/UWS6137E/UWS6151(E)/UWS6152
CriticalCVE-2025-31714: CWE-20 Improper Input Validation in Unisoc (Shanghai) Technologies Co., Ltd. SL8521E/SL8521ET/ SL8541E/UIS8141E/UWS6137/UWS6137E/UWS6151(E)/UWS6152
MediumCVE-2025-31713: CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') in Unisoc (Shanghai) Technologies Co., Ltd. SL8521E/SL8521ET/ SL8541E/UIS8141E/UWS6137/UWS6137E/UWS6151(E)/UWS6152
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.