Skip to main content

CVE-2025-50086: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. in Oracle Corporation MySQL Server

Medium
VulnerabilityCVE-2025-50086cvecve-2025-50086
Published: Tue Jul 15 2025 (07/15/2025, 19:27:43 UTC)
Source: CVE Database V5
Vendor/Project: Oracle Corporation
Product: MySQL Server

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

AI-Powered Analysis

AILast updated: 07/22/2025, 20:42:13 UTC

Technical Analysis

CVE-2025-50086 is a vulnerability identified in Oracle Corporation's MySQL Server affecting multiple supported versions, specifically 8.0.0 through 8.0.42, 8.4.0 through 8.4.5, and 9.0.0 through 9.3.0. The vulnerability resides in the Server: Components Services component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to exploit the flaw without requiring user interaction. The vulnerability enables the attacker to cause a denial-of-service (DoS) condition by hanging or repeatedly crashing the MySQL Server, resulting in complete service unavailability. The CVSS 3.1 base score is 4.9, indicating a medium severity primarily due to its impact on availability. The attack vector is network-based (AV:N), with low attack complexity (AC:L), but requires high privileges (PR:H) and no user interaction (UI:N). The scope remains unchanged (S:U), and there is no impact on confidentiality or integrity (C:N/I:N), only availability (A:H). The underlying weakness corresponds to CWE-863, which relates to improper authorization. No known exploits are currently reported in the wild, and no patches have been linked yet. This vulnerability is easily exploitable by attackers who already have high privileges and network access, making it a significant risk for environments where MySQL Server is exposed to such users. The ability to cause repeated crashes or hangs can disrupt critical database services, impacting dependent applications and business operations.

Potential Impact

For European organizations, this vulnerability poses a risk primarily to the availability of MySQL Server instances. Many enterprises across Europe rely on MySQL for critical applications, including e-commerce platforms, financial services, public sector databases, and telecommunications. A successful exploitation could lead to service outages, disrupting business continuity and potentially causing financial losses and reputational damage. Since the vulnerability requires high privileges, the threat is more significant in environments where internal users or compromised accounts have elevated access to MySQL servers. Network exposure of MySQL services increases risk, especially in multi-tenant cloud environments or poorly segmented networks. The lack of impact on confidentiality and integrity reduces the risk of data breaches but does not diminish the operational disruption caused by denial-of-service conditions. Additionally, organizations subject to strict regulatory requirements such as GDPR must consider the operational risks and potential non-compliance arising from service unavailability.

Mitigation Recommendations

1. Restrict network access to MySQL Server instances to trusted hosts and networks only, using firewalls and network segmentation to minimize exposure. 2. Enforce the principle of least privilege rigorously, ensuring that only necessary users have high privileges on MySQL servers. 3. Monitor and audit privileged user activities to detect anomalous behavior that could indicate exploitation attempts. 4. Implement robust authentication and access controls, including multi-factor authentication for administrative accounts. 5. Regularly update and patch MySQL Server as soon as Oracle releases a fix for this vulnerability; monitor Oracle security advisories closely. 6. Employ failover and redundancy mechanisms for MySQL services to minimize downtime in case of crashes. 7. Use intrusion detection and prevention systems (IDS/IPS) to identify and block suspicious network traffic targeting MySQL protocols. 8. Conduct penetration testing and vulnerability assessments focusing on MySQL Server configurations and access controls to identify and remediate weaknesses proactively.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
oracle
Date Reserved
2025-06-11T22:56:56.111Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6876b00ba83201eaacd04478

Added to database: 7/15/2025, 7:46:19 PM

Last enriched: 7/22/2025, 8:42:13 PM

Last updated: 8/15/2025, 7:31:04 AM

Views: 10

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats