CVE-2025-60118: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Potenzaglobalsolutions PGS Core

High
Tags: Vulnerability, CVE-2025-60118, CWE-89
Published: Fri Sep 26 2025 (09/26/2025, 08:31:34 UTC)
Source: CVE Database V5
Vendor/Project: Potenzaglobalsolutions
Product: PGS Core

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Potenzaglobalsolutions PGS Core allows SQL Injection. This issue affects PGS Core: from n/a through 5.9.0.

AI-Powered Analysis

Last updated: 09/26/2025, 15:07:19 UTC

Technical Analysis

CVE-2025-60118 is a high-severity SQL Injection vulnerability affecting Potenzaglobalsolutions' PGS Core product up to version 5.9.0. The vulnerability stems from improper neutralization of special elements used in SQL commands (CWE-89), allowing an attacker with at least low privileges (PR:L) to inject malicious SQL code remotely (AV:N) without requiring user interaction (UI:N). The vulnerability impacts confidentiality severely (C:H), with no direct impact on integrity (I:N) and only a low impact on availability (A:L). The scope is changed (S:C), meaning the vulnerability can affect resources beyond the initially vulnerable component. Exploitation could allow an attacker to extract sensitive data from the backend database, potentially exposing confidential information such as user credentials, financial data, or proprietary business information. Although no known exploits are currently in the wild, the ease of exploitation is high due to low attack complexity (AC:L) and no user interaction required. The vulnerability requires some level of privilege, indicating that an attacker must have some authenticated access, but this could be a low-level user account. The lack of available patches at the time of publication increases the risk for organizations using PGS Core. Given the nature of SQL Injection, attackers could also attempt to escalate privileges or pivot within the network after successful exploitation. This vulnerability demands immediate attention to prevent data breaches and maintain system confidentiality.

Potential Impact

For European organizations using PGS Core, this vulnerability poses a significant risk to the confidentiality of sensitive data stored in backend databases. Potential data breaches could lead to exposure of personal data protected under GDPR, resulting in regulatory penalties and reputational damage. The ability to execute SQL Injection attacks remotely with low complexity increases the likelihood of exploitation, especially in sectors with high-value data such as finance, healthcare, and government services. The partial impact on availability could disrupt services, though this is less severe than data exposure. The changed scope indicates that exploitation could affect multiple components or systems, amplifying the potential damage. Organizations relying on PGS Core for critical business functions may face operational disruptions and loss of customer trust if the vulnerability is exploited. Additionally, the requirement for some privilege means insider threats or compromised low-level accounts could be leveraged to exploit this vulnerability, emphasizing the need for strict access controls and monitoring.

Mitigation Recommendations

1. Immediate implementation of strict input validation and parameterized queries within PGS Core to prevent SQL Injection.
2. Apply any forthcoming patches from Potenzaglobalsolutions as soon as they become available; monitor vendor communications closely.
3. Restrict user privileges to the minimum necessary, especially for accounts with database access, to reduce the risk of exploitation by low-privilege users.
4. Employ Web Application Firewalls (WAFs) with SQL Injection detection and prevention capabilities tailored to PGS Core traffic patterns.
5. Conduct thorough code reviews and penetration testing focused on SQL Injection vectors within PGS Core deployments.
6. Monitor database logs and application logs for unusual query patterns indicative of injection attempts.
7. Segment the network to isolate critical database servers from less trusted network zones to limit lateral movement post-exploitation.
8. Educate administrators and developers on secure coding practices and the risks associated with SQL Injection vulnerabilities.
9. Implement multi-factor authentication to reduce the risk of compromised credentials being used to exploit this vulnerability.
10. Prepare an incident response plan specifically addressing potential SQL Injection attacks to enable rapid containment and remediation.

Technical Details

Data Version
5.1
Assigner Short Name
Patchstack
Date Reserved
2025-09-25T15:20:22.597Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68d6ac1736ec037b02fcaaf5

Added to database: 9/26/2025, 3:07:03 PM

Last enriched: 9/26/2025, 3:07:19 PM

Last updated: 10/1/2025, 6:10:53 PM
