CVE-2025-62360: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_documento.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.5.1.
AI Analysis
Technical Summary
CVE-2025-62360 is a SQL injection vulnerability (CWE-89) in WeGIA, an open source web manager for institutions aimed primarily at Portuguese-speaking users. The flaw is in the id_dependente parameter of the /html/funcionario/dependente_documento.php endpoint (the page handling documents of an employee's dependents; "funcionario" is employee and "dependente" is dependent) in versions prior to 3.5.1. Because the parameter value is not neutralized before being placed into a SQL statement, an attacker can change the structure of the query and run arbitrary SQL against the application database: reading records the caller is not entitled to see, modifying or deleting data, and, depending on the grants held by the application's database account, going beyond that. Judging by its name, id_dependente is a numeric record identifier; that is the classic case where a value spliced into the query text without a type check or a bound parameter is not even quoted, so tautology (OR 1=1) and UNION-based payloads work directly and string escaping alone would not have helped. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H) encodes a network-reachable, low-complexity attack with no user interaction, but PR:H means the attacker must already hold an account with elevated privileges in the application, not merely any authenticated login. The impact metrics are High for confidentiality, integrity and availability of both the vulnerable system and subsequent systems, so the assessment expects consequences beyond the vulnerable component itself. No exploitation in the wild is known at the time of this analysis, but the attack is trivial for anyone holding a privileged account, which is why the severity is rated critical. The issue is fixed in WeGIA 3.5.1, and the upgrade should be applied promptly.
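The following added example, written for this analysis and not taken from WeGIA (which is a PHP application), reproduces the bug class in Python with an in-memory SQLite database. The schema, table and column names (dependente, dependente_documento, usuario) are constructed guesses based on the endpoint and parameter names, not WeGIA's real schema. It shows the vulnerable pattern (the parameter spliced into the SQL text in a numeric context), the two payload shapes that exploit it, and the hardened version that validates the identifier as an integer and binds it as a parameter.

```python
import re
import sqlite3

# Constructed, illustrative schema and rows. This is NOT WeGIA's real schema;
# the names are guesses based on the endpoint and parameter names.
SCHEMA = """
CREATE TABLE dependente (
    id_dependente INTEGER PRIMARY KEY,
    nome TEXT NOT NULL,
    id_funcionario INTEGER NOT NULL
);
CREATE TABLE dependente_documento (
    id_documento INTEGER PRIMARY KEY,
    id_dependente INTEGER NOT NULL,
    nome_arquivo TEXT NOT NULL
);
CREATE TABLE usuario (
    id_usuario INTEGER PRIMARY KEY,
    login TEXT NOT NULL,
    senha_hash TEXT NOT NULL
);
"""

DEPENDENTES = [(1, "Ana", 10), (2, "Bruno", 10), (3, "Carla", 11)]
DOCUMENTOS = [
    (100, 1, "rg_ana.pdf"),
    (101, 2, "certidao_bruno.pdf"),
    (102, 2, "cpf_bruno.pdf"),
    (103, 3, "rg_carla.pdf"),
]
USUARIOS = [(1, "admin", "hash-placeholder-1"), (2, "rh", "hash-placeholder-2")]


def make_db():
    """Build an in-memory SQLite database populated with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO dependente VALUES (?, ?, ?)", DEPENDENTES)
    conn.executemany("INSERT INTO dependente_documento VALUES (?, ?, ?)", DOCUMENTOS)
    conn.executemany("INSERT INTO usuario VALUES (?, ?, ?)", USUARIOS)
    return conn


def documentos_vulneravel(conn, id_dependente):
    """CWE-89 pattern: the request parameter is spliced into the SQL text.

    The value is compared as a number, so it is not even quoted; escaping
    would not help, and the attacker controls the statement structure.
    """
    sql = (
        "SELECT id_documento, nome_arquivo FROM dependente_documento "
        f"WHERE id_dependente = {id_dependente}"
    )
    return sorted(conn.execute(sql).fetchall())


def documentos_seguro(conn, id_dependente):
    """Hardened version: reject anything but a plain decimal integer, then bind it."""
    value = str(id_dependente)
    if not re.fullmatch(r"[0-9]{1,10}", value):
        raise ValueError("id_dependente must be a positive integer")
    sql = (
        "SELECT id_documento, nome_arquivo FROM dependente_documento "
        "WHERE id_dependente = ?"
    )
    return sorted(conn.execute(sql, (int(value),)).fetchall())


# Two payload shapes that work against the vulnerable pattern.
PAYLOAD_TAUTOLOGY = "1 OR 1=1"                      # every dependent's documents
PAYLOAD_UNION = "0 UNION SELECT id_usuario, login || ':' || senha_hash FROM usuario"


def demo():
    """Run both versions against a benign value and the payloads; return a summary."""
    conn = make_db()
    result = {
        "benign_vuln": documentos_vulneravel(conn, "2"),
        "benign_safe": documentos_seguro(conn, "2"),
        "tautology_rows": len(documentos_vulneravel(conn, PAYLOAD_TAUTOLOGY)),
        "union_rows": documentos_vulneravel(conn, PAYLOAD_UNION),
    }
    rejected = 0
    for payload in (PAYLOAD_TAUTOLOGY, PAYLOAD_UNION, "2; DROP TABLE usuario"):
        try:
            documentos_seguro(conn, payload)
        except ValueError:
            rejected += 1
    result["safe_rejected"] = rejected
    return result


if __name__ == "__main__":
    for key, val in demo().items():
        print(f"{key}: {val}")
```

With the benign value "2" both functions return the same two rows. The tautology payload makes the vulnerable function return all four document rows, and the UNION payload pulls login and password hash pairs out of an unrelated table; the hardened function raises ValueError on all three malicious inputs before any SQL is executed. The integer check is what makes the fix robust in a numeric context; the bound parameter is what makes it robust everywhere else.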
Potential Impact
For European organizations using WeGIA, this vulnerability poses a significant risk to the confidentiality, integrity, and availability of institutional data. Successful exploitation could lead to unauthorized data access, data corruption, or deletion, disrupting institutional operations and potentially causing regulatory compliance violations, especially under GDPR, since the affected endpoint handles personal documents of employees' dependents. The impact is particularly severe for educational institutions, government agencies, or any organization managing sensitive personal or institutional data through WeGIA. Because exploitation requires high privileges, the realistic attackers are insiders holding elevated roles or external actors who have already taken over such an account, for example through phishing, password reuse, or another vulnerability. Loss of database availability could also interrupt service, leading to operational downtime and reputational damage. Given the critical severity rating and the nature of the vulnerability, the threat is substantial for any European entity relying on this software.
Mitigation Recommendations
1. Immediately upgrade all WeGIA installations to version 3.5.1 or later, where the vulnerability is fixed. After upgrading, confirm the deployed version and check that no locally modified copy of the affected file survived the upgrade.
2. Restrict and audit privileged user access to the WeGIA system. Since exploitation requires high privileges, every unnecessary privileged account is attack surface; keep the set small, enforce strong authentication on it, and review it regularly.
3. If custom modifications exist, use parameterized queries (prepared statements) and validate numeric identifiers such as id_dependente as integers before they reach the database. Escaping alone does not protect a value used in an unquoted numeric context.
4. Monitor application and database logs for unusual or unauthorized SQL queries, and in particular for requests to the dependente_documento.php endpoint whose id_dependente value is not a plain integer. Web server access logs only capture query-string parameters; if the parameter is sent in a POST body, you need application-level request logging or a reverse proxy or WAF that logs bodies.
5. Conduct regular security assessments and penetration testing focused on SQL injection vectors within WeGIA deployments.
6. Employ a web application firewall (for example ModSecurity with the OWASP Core Rule Set) to detect and block SQL injection attempts against WeGIA endpoints. Treat this as a stopgap that buys time for patching, not as a substitute for the upgrade.
7. Educate administrators and developers about secure coding practices and the importance of timely patching.
8. Review and tighten database permissions so that the application's database account holds only the grants it needs (no administrative, file-system or schema-changing privileges). This bounds what an injected query can do and limits the impact on other systems that the CVSS subsequent-system metrics anticipate.
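As an added example supporting the log-monitoring recommendation (this is not WeGIA code or a WeGIA-supplied tool), the following Python script parses web server access log lines in the common "combined" format, extracts the id_dependente parameter for requests to the affected endpoint, and flags any value that is not a plain decimal integer. The log lines are constructed for this example and use RFC 5737 documentation addresses; the second line's path is a placeholder, not a real WeGIA page. POST requests to the endpoint are reported separately because their body parameters never appear in an access log.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in Apache/Nginx "combined" log format. None of these
# come from a real deployment; IPs are RFC 5737 documentation addresses.
SAMPLE_LOG = """\
192.0.2.10 - - [13/Oct/2025:21:33:32 +0000] "GET /html/funcionario/dependente_documento.php?id_dependente=42 HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
203.0.113.5 - - [13/Oct/2025:21:34:10 +0000] "GET /html/funcionario/placeholder.php?id=7 HTTP/1.1" 200 880 "-" "Mozilla/5.0"
192.0.2.10 - - [13/Oct/2025:21:35:01 +0000] "GET /html/funcionario/dependente_documento.php?id_dependente=42%20OR%201%3D1 HTTP/1.1" 200 48210 "-" "Mozilla/5.0"
192.0.2.10 - - [13/Oct/2025:21:35:40 +0000] "GET /html/funcionario/dependente_documento.php?id_dependente=42' HTTP/1.1" 500 312 "-" "Mozilla/5.0"
198.51.100.7 - - [13/Oct/2025:21:36:44 +0000] "GET /html/funcionario/dependente_documento.php?id_dependente=0%20UNION%20SELECT%201,2 HTTP/1.1" 200 2210 "-" "python-requests/2.32"
198.51.100.7 - - [13/Oct/2025:21:37:02 +0000] "POST /html/funcionario/dependente_documento.php HTTP/1.1" 200 1532 "-" "python-requests/2.32"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
TARGET_PATH = "/html/funcionario/dependente_documento.php"
PARAM = "id_dependente"
INTEGER_RE = re.compile(r"[0-9]{1,10}")


def parse_line(line):
    """Split one combined-format line into fields; return None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    # parse_qs percent-decodes values, so '%20OR%201%3D1' becomes ' OR 1=1'.
    rec["query"] = parse_qs(parts.query, keep_blank_values=True)
    return rec


def classify(rec):
    """Return (reason, offending_value) for a suspicious record, or (None, None)."""
    if rec["path"] != TARGET_PATH:
        return None, None
    if rec["method"] != "GET":
        # Body parameters never reach the access log; the request cannot be judged here.
        return "unobservable-body", None
    for value in rec["query"].get(PARAM, []):
        if not INTEGER_RE.fullmatch(value):
            return f"non-numeric {PARAM}", value
    return None, None


def scan(log_text):
    """Return a list of findings for the affected endpoint over the given log text."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        reason, value = classify(rec)
        if reason:
            findings.append({
                "ip": rec["ip"],
                "ts": rec["ts"],
                "status": int(rec["status"]),
                "reason": reason,
                "value": value,
            })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

On the sample log the script reports the tautology, the stray quote (which also produced a 500, a typical error-based probe signature) and the UNION probe, and notes the POST whose parameters it cannot see. In production, feed it the real access log and pair it with application or database query logging for the POST case; the same integer check is also the validation rule the application itself should apply.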
Affected Countries
Portugal, Spain, France, Germany, Italy, Belgium, Netherlands
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-10-10T14:22:48.202Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68ed702cefcc33289f469154
Added to database: 10/13/2025, 9:33:32 PM
Last enriched: 10/13/2025, 9:33:50 PM
Last updated: 10/14/2025, 1:07:13 AM