CVE-2025-54554: CWE-863 Incorrect Authorization in Tera Insights tiCrypt
tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that reveal sensitive information about the underlying SQL queries and database structure.
AI Analysis
Technical Summary
CVE-2025-54554 is a medium-severity vulnerability classified under CWE-863 (Incorrect Authorization) affecting the Tera Insights tiCrypt product, specifically the 'tiaudit' component. This vulnerability allows unauthenticated REST API requests to access sensitive information related to the underlying SQL queries and database structure. The flaw arises due to improper authorization checks in the tiaudit REST API endpoint, permitting attackers without any authentication to retrieve data that should be restricted. The exposure of SQL query details and database schema information can aid attackers in crafting more targeted attacks such as SQL injection or other database exploitation techniques. The vulnerability affects all versions of tiCrypt prior to the fixed date of 2025-07-17. The CVSS v3.1 base score is 5.3, reflecting a medium severity level, with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and confidentiality impact limited to partial information disclosure (C:L) without affecting integrity or availability. No known exploits are currently reported in the wild, and no official patches or mitigation links have been provided yet. The vulnerability was publicly disclosed on 2025-08-04, shortly after the reserved date of 2025-07-25.
Potential Impact
For European organizations using Tera Insights tiCrypt, this vulnerability poses a risk of sensitive internal information leakage without requiring any authentication. Disclosure of SQL query structures and database schema details can facilitate further attacks such as SQL injection or privilege escalation, potentially leading to data breaches or unauthorized data manipulation. Although the immediate impact on integrity and availability is not indicated, the confidentiality breach can undermine trust, violate data protection regulations such as GDPR, and expose organizations to compliance penalties. Industries with critical data repositories, including finance, healthcare, and government sectors, are particularly vulnerable. The ease of exploitation (no authentication or user interaction required) increases the likelihood of opportunistic scanning and information gathering by attackers. However, the absence of known exploits in the wild suggests that active exploitation is not yet widespread, providing a window for proactive mitigation.
Mitigation Recommendations
European organizations should immediately audit their use of Tera Insights tiCrypt, particularly the tiaudit REST API endpoints. Until an official patch is released, organizations should implement network-level access controls to restrict access to the tiaudit API, such as IP whitelisting, VPN-only access, or firewall rules limiting exposure to trusted internal networks. Monitoring and logging of REST API requests should be enhanced to detect unusual or unauthorized access patterns. If feasible, disable or restrict the tiaudit functionality temporarily to prevent unauthenticated access. Organizations should also engage with Tera Insights support channels to obtain official patches or updates as soon as they become available. Additionally, conducting internal penetration testing focusing on REST API endpoints can help identify any other authorization weaknesses. Finally, ensure that database credentials and permissions follow the principle of least privilege to minimize potential damage from information disclosure.
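The two interim controls recommended above (restricting tiaudit endpoints to trusted networks, and monitoring REST API logs for unauthorized access) can be prototyped together. The following Python is an added example, not code from this page or from Tera Insights: it assumes tiaudit endpoints are served under a path segment named "tiaudit" (a placeholder; use the real prefix from your deployment), that a reverse proxy emits the constructed log format shown, and that the two RFC 1918 ranges are the trusted networks.

```python
import ipaddress
import re

# Assumption: internal networks that are permitted to reach the tiaudit API
# (the IP allowlisting / VPN-only control recommended in the advisory).
TRUSTED_NETWORKS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Assumption: tiaudit endpoints live under a path segment named "tiaudit".
# Replace with the real prefix used by your tiCrypt deployment.
TIAUDIT_PATH_RE = re.compile(r"/tiaudit(?:/|$)", re.IGNORECASE)

# Constructed log format emitted by a hypothetical reverse proxy:
#   <client_ip> <method> <path> <status> <auth|noauth>
LOG_LINE_RE = re.compile(
    r"^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3}) (?P<auth>auth|noauth)$"
)

# Constructed sample log lines; not real tiCrypt output.
SAMPLE_LOG = """\
10.1.2.3 GET /tiaudit/queries 200 auth
203.0.113.7 GET /tiaudit/queries 200 noauth
203.0.113.7 GET /tiaudit/schema 200 noauth
192.168.5.9 GET /tiaudit/schema 200 noauth
198.51.100.4 POST /api/login 401 noauth
"""


def is_trusted(ip: str) -> bool:
    """True when the client address falls inside an allowlisted network."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable address: treat as untrusted
    return any(addr in net for net in TRUSTED_NETWORKS)


def allow_request(ip: str, path: str) -> bool:
    """Network-level gate: tiaudit paths are reachable only from trusted networks.

    Non-tiaudit paths are left to the application's own authorization.
    """
    if TIAUDIT_PATH_RE.search(path):
        return is_trusted(ip)
    return True


def find_suspicious(log_text: str) -> list:
    """Scan access-log lines and report tiaudit requests that need attention."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_LINE_RE.match(line)
        if not m or not TIAUDIT_PATH_RE.search(m["path"]):
            continue
        reasons = []
        # A successful (non-4xx/5xx) tiaudit response served without credentials
        # is exactly the unauthenticated disclosure described in the advisory.
        if m["auth"] == "noauth" and int(m["status"]) < 400:
            reasons.append("unauthenticated success")
        if not is_trusted(m["ip"]):
            reasons.append("untrusted source")
        if reasons:
            findings.append({"ip": m["ip"], "path": m["path"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in find_suspicious(SAMPLE_LOG):
        print(f"{f['ip']} {f['path']}: {', '.join(f['reasons'])}")
```

On the constructed sample, the two requests from 203.0.113.7 are flagged for both reasons, while the request from 192.168.5.9 is flagged only as an unauthenticated success: it came from a trusted network, so the allowlist alone would not have stopped it, which is why the advisory pairs network restriction with monitoring rather than relying on either one.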
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-07-25T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 689151abad5a09ad00e45170
Added to database: 8/5/2025, 12:34:51 AM
Last enriched: 8/5/2025, 12:35:03 AM
Last updated: 8/5/2025, 12:35:11 AM