CVE-2025-62360 is a critical SQL Injection vulnerability identified in the WeGIA web management system developed by LabRedesCefetRJ, targeting institutions primarily using Portuguese language software. The vulnerability resides in the id_dependente parameter of the /html/funcionario/dependente_documento.php endpoint in versions prior to 3.5.1. Improper neutralization of special elements in this parameter allows attackers to inject malicious SQL commands directly into the backend database query. This can lead to unauthorized data access, modification, or deletion, severely impacting the confidentiality, integrity, and availability of the database. The vulnerability is exploitable remotely without user interaction but requires high privileges, indicating that an attacker must have some level of authenticated access to exploit it. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H) reflects network attack vector, low attack complexity, no user interaction, but requiring high privileges and causing high impact across confidentiality, integrity, and availability. Although no public exploits are currently reported, the critical nature and ease of exploitation make it a significant threat. The issue was resolved in WeGIA version 3.5.1, which properly sanitizes the id_dependente parameter to prevent SQL injection. Organizations using affected versions should upgrade immediately and review their database access controls and monitoring.

For European organizations, especially those in Portugal and countries with Portuguese-speaking populations, this vulnerability poses a severe risk. Exploitation could lead to unauthorized disclosure of sensitive institutional data, including personnel records and dependent documentation, potentially violating GDPR and other data protection regulations. Integrity of data could be compromised, leading to misinformation or operational disruption. Availability could also be affected if attackers execute destructive SQL commands or cause database corruption, resulting in downtime and loss of service continuity. The requirement for high privileges to exploit somewhat limits the attack surface but does not eliminate risk, as insider threats or compromised accounts could be leveraged. The critical CVSS score underscores the potential for significant operational and reputational damage. Given the institutional focus of WeGIA, attacks could disrupt educational or governmental services, amplifying the impact within Europe.

1. Immediate upgrade to WeGIA version 3.5.1 or later, where the vulnerability is patched. 2. Conduct a thorough audit of user privileges to ensure that only necessary personnel have high-level access, minimizing the risk of privilege abuse. 3. Implement strict input validation and parameterized queries if custom modifications or integrations exist beyond the vendor patch. 4. Deploy Web Application Firewalls (WAFs) configured to detect and block SQL injection attempts targeting the id_dependente parameter and related endpoints. 5. Monitor database logs and application logs for unusual query patterns or failed injection attempts. 6. Conduct regular security assessments and penetration testing focused on injection flaws. 7. Educate administrators and developers on secure coding practices and the importance of timely patching. 8. Consider network segmentation to isolate critical database servers from less trusted network zones. 9. Prepare incident response plans specifically addressing potential SQL injection exploitation scenarios.