
CVE-2025-62728: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Apache Software Foundation Apache Hive

Severity: Medium
Type: Vulnerability
Tags: cve, cve-2025-62728, cwe-89
Published: Wed Nov 26 2025 (11/26/2025, 08:45:37 UTC)
Source: CVE Database V5
Vendor/Project: Apache Software Foundation
Product: Apache Hive

Description

SQL injection vulnerability in Hive Metastore Server (HMS) when processing delete column statistics requests via the Thrift APIs. The vulnerability is only exploitable by trusted/authorized users/applications that are allowed to call the Thrift APIs directly. In most real-world deployments, HMS is accessible to only a handful of applications (e.g., Hiveserver2), thus the vulnerability is not exploitable. Moreover, the vulnerable code cannot be reached when the metastore.try.direct.sql property is set to false. This issue affects Apache Hive: from 4.1.0 before 4.2.0. Users are recommended to upgrade to version 4.2.0, which fixes the issue. Users who cannot upgrade directly are encouraged to set the metastore.try.direct.sql property to false if the HMS Thrift APIs are exposed to the general public.

AI-Powered Analysis

AI analysis last updated: 12/03/2025, 09:18:23 UTC

Technical Analysis

CVE-2025-62728 is an SQL injection vulnerability in Apache Hive Metastore Server (HMS), affecting versions from 4.1.0 up to but not including 4.2.0. The flaw sits in the handling of delete column statistics requests received over the Thrift API: values supplied by the caller are incorporated into SQL text that HMS runs against its backing relational database instead of being bound as query parameters, which is the CWE-89 (improper neutralization of special elements in an SQL command) pattern. Because that SQL runs over the metastore's own database connection, what a successful injection can do is bounded by the privileges of that database account in the backing RDBMS, not by the caller's Hive-level authorization. Exploitation requires the attacker to be a trusted or authorized user or application with direct access to the HMS Thrift API; in typical deployments that access is limited to a small set of internal services such as HiveServer2. The vulnerable code is only reached on the direct-SQL fast path: when metastore.try.direct.sql is set to false, HMS falls back to its ORM (DataNucleus/JDO) path for these operations and the flaw cannot be triggered. The Apache Software Foundation fixed the issue in Apache Hive 4.2.0. The Medium rating shown on this page corresponds to a CVSS v3.1 base score of 5.4 (network attack vector, low attack complexity, privileges required, no user interaction, limited confidentiality and integrity impact, no availability impact); the CVE record itself carries no CVSS vector (Cvss Version: null in the Technical Details below), so treat this score as the page's assessment rather than the vendor's. No public exploits have been reported, and the vulnerability was published on November 26, 2025. The practical threat is to the confidentiality and integrity of metadata held in the metastore (table, partition and column statistics and the schema information around them): a crafted request could read, alter or delete metadata rows, which in a big data pipeline surfaces as wrong query plans, failed jobs or silently incorrect results downstream.
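The following is an added example, not code from Apache Hive or from this page, that shows the CWE-89 pattern the analysis describes in miniature: a delete-column-statistics routine that splices caller-supplied identifiers into a DELETE statement, beside the same routine with bound parameters. The table and column names (TAB_COL_STATS, DB_NAME, TABLE_NAME, COLUMN_NAME) follow the metastore schema, but the schema, the rows and the query text are a constructed stand-in; nothing here reproduces Hive's actual vulnerable statement or the exact fix shipped in 4.2.0.

```python
import sqlite3

# Constructed sample rows for a simplified stand-in of the metastore's
# TAB_COL_STATS table. This is a mock, not Hive's schema or data.
ROWS = [
    ("hive", "default", "orders", "order_id", 0),
    ("hive", "default", "orders", "amount", 12),
    ("hive", "default", "customers", "email", 3),
]


def new_metastore():
    """In-memory SQLite database standing in for the HMS backing RDBMS."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE TAB_COL_STATS (CAT_NAME TEXT, DB_NAME TEXT, "
        "TABLE_NAME TEXT, COLUMN_NAME TEXT, NUM_NULLS INTEGER)"
    )
    db.executemany("INSERT INTO TAB_COL_STATS VALUES (?, ?, ?, ?, ?)", ROWS)
    db.commit()
    return db


def delete_col_stats_vulnerable(db, db_name, table_name, col_name):
    """CWE-89: caller-controlled values are concatenated into SQL text.

    The Thrift caller controls db_name/table_name/col_name, so a quote in
    any of them rewrites the WHERE clause. Returns the number of rows deleted.
    """
    sql = (
        "DELETE FROM TAB_COL_STATS WHERE DB_NAME = '%s' "
        "AND TABLE_NAME = '%s' AND COLUMN_NAME = '%s'"
        % (db_name, table_name, col_name)
    )
    # sqlite3.execute() runs exactly one statement, so a stacked
    # "'; DROP TABLE ..." payload would fail here; a tautology does not.
    cur = db.execute(sql)
    db.commit()
    return cur.rowcount


def delete_col_stats_hardened(db, db_name, table_name, col_name):
    """Same operation with bound parameters: the values can never become SQL."""
    cur = db.execute(
        "DELETE FROM TAB_COL_STATS WHERE DB_NAME = ? "
        "AND TABLE_NAME = ? AND COLUMN_NAME = ?",
        (db_name, table_name, col_name),
    )
    db.commit()
    return cur.rowcount


def remaining(db):
    return db.execute("SELECT COUNT(*) FROM TAB_COL_STATS").fetchone()[0]


# Constructed payload: AND binds tighter than OR, so the concatenated
# WHERE clause becomes (... AND COLUMN_NAME = 'x') OR '1'='1', i.e. every row.
PAYLOAD = "x' OR '1'='1"


def demo():
    """Run the payload through both variants on fresh databases.

    Returns (rows deleted by vulnerable, rows left, rows deleted by hardened,
    rows left).
    """
    vuln_db = new_metastore()
    deleted_vuln = delete_col_stats_vulnerable(vuln_db, "default", "orders", PAYLOAD)
    hard_db = new_metastore()
    deleted_hard = delete_col_stats_hardened(hard_db, "default", "orders", PAYLOAD)
    return deleted_vuln, remaining(vuln_db), deleted_hard, remaining(hard_db)


if __name__ == "__main__":
    print(demo())
```

With the vulnerable variant the payload wipes every statistics row in the table, while the hardened variant deletes nothing because the whole string is compared literally against COLUMN_NAME. On a real metastore the reachable damage also depends on the backing database and JDBC driver (for example whether multiple statements per call are allowed), which is why the analysis ties the blast radius to the metastore's database account.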

Potential Impact

For European organizations, the impact of CVE-2025-62728 depends largely on how Apache Hive is deployed. Organizations running Hive for analytics, data warehousing or ETL whose HMS Thrift endpoint is reachable by more than a tightly controlled set of internal applications face a risk of SQL injection by any of those callers. Successful exploitation could modify or delete metastore metadata, affecting data integrity and potentially causing downstream processing errors or loss of trust in results. The confidentiality impact is limited but real, since metadata (schemas, storage locations, statistics) can be read or inferred through the injection. Availability is not directly impacted. Given the medium severity and the need for authenticated access to the Thrift API, the exposure is greatest for organizations with weak internal network segmentation, many applications sharing one metastore, or an HMS endpoint reachable from user workstations or notebooks. Sectors with heavy data processing, such as finance, telecommunications and research institutions, are the most likely to run such shared metastores. Because GDPR requires the integrity of personal data and of the systems that process it, tampering with the metadata that governs where and how personal data is located and processed may have compliance implications.

Mitigation Recommendations

European organizations should prioritize upgrading Apache Hive to version 4.2.0 or later, where the vulnerability is patched. If an immediate upgrade is not feasible, set metastore.try.direct.sql to false so the vulnerable code path is never reached; this disables the direct-SQL fast path for the operations that use it and routes them through the ORM layer instead, so expect slower metadata operations on large metastores and test the change before applying it to production. Enforce strict access control so that only trusted, authorized applications can reach the HMS Thrift endpoint: restrict network access with firewall rules and segmentation, and require authenticated clients (for example SASL/Kerberos on the metastore) rather than relying on an unauthenticated Thrift listener. Enable and review HMS logging so that unexpected callers and malformed statistics requests can be detected. Audit big data infrastructure regularly to verify configuration and access policy. Note that generic web application firewalls and HTTP API gateways do not inspect the Thrift protocol HMS speaks and add little protection here; network-level allowlisting of clients is the meaningful compensating control. Educate administrators and developers on secure configuration of Apache Hive and the risks of exposing internal APIs, and integrate vulnerability management so that patches and configuration updates are applied promptly on disclosure.
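As an added example (not tooling from this page or from the Apache Hive project), the script below performs the two checks the recommendations hinge on: whether the running Hive version falls in the affected range 4.1.0 <= v < 4.2.0, and whether direct SQL is effectively enabled in a Hadoop-style configuration file. It reads both the canonical property name metastore.try.direct.sql and the older hive.metastore.try.direct.sql alias, treats an unset property as the default (true), and reports "ambiguous" instead of guessing when the two spellings disagree, since this example makes no assumption about which one a given metastore build honours. The configuration snippets are constructed samples, and the version strings are illustrative.

```python
import xml.etree.ElementTree as ET

# Canonical MetastoreConf name first, legacy hive.* alias second.
DIRECT_SQL_KEYS = ("metastore.try.direct.sql", "hive.metastore.try.direct.sql")
AFFECTED_MIN, FIXED = (4, 1, 0), (4, 2, 0)


def parse_hadoop_conf(xml_text):
    """Return {name: value} from a Hadoop-style <configuration> document."""
    props = {}
    for prop in ET.fromstring(xml_text).iter("property"):
        name = prop.findtext("name")
        if name:
            props[name.strip()] = (prop.findtext("value") or "").strip()
    return props


def direct_sql_setting(props):
    """Effective direct-SQL switch: True, False, or 'ambiguous'.

    Unset means the default, which is true. If both spellings are present
    and disagree we do not guess which one wins (assumption: unknown here).
    """
    seen = {k: props[k].lower() == "true" for k in DIRECT_SQL_KEYS if k in props}
    if not seen:
        return True
    if len(set(seen.values())) > 1:
        return "ambiguous"
    return next(iter(seen.values()))


def version_tuple(version):
    """'4.1.0-SNAPSHOT' -> (4, 1, 0); short forms are padded with zeros."""
    parts = [int(x) for x in version.split("-")[0].split(".")]
    return tuple((parts + [0, 0, 0])[:3])


def version_affected(version):
    return AFFECTED_MIN <= version_tuple(version) < FIXED


def assess(version, xml_text):
    """Combine both checks into a verdict for one metastore instance."""
    direct_sql = direct_sql_setting(parse_hadoop_conf(xml_text))
    affected = version_affected(version)
    # 'ambiguous' is treated as enabled: the safe direction for a triage.
    exposed = affected and direct_sql is not False
    if not affected:
        action = "not affected"
    elif direct_sql is False:
        action = "mitigated by config; still plan the upgrade to 4.2.0"
    else:
        action = "upgrade to 4.2.0 or set metastore.try.direct.sql=false"
    return {
        "version_affected": affected,
        "direct_sql": direct_sql,
        "exposed": exposed,
        "action": action,
    }


# Constructed sample configuration files, not from any real deployment.
CONF_UNSET = """<configuration>
  <property><name>hive.metastore.uris</name><value>thrift://hms.internal:9083</value></property>
</configuration>"""

CONF_LEGACY_FALSE = """<configuration>
  <property><name>hive.metastore.try.direct.sql</name><value>false</value></property>
</configuration>"""

CONF_CONFLICT = """<configuration>
  <property><name>metastore.try.direct.sql</name><value>false</value></property>
  <property><name>hive.metastore.try.direct.sql</name><value>true</value></property>
</configuration>"""


if __name__ == "__main__":
    for version, conf in (("4.1.0", CONF_UNSET), ("4.1.0", CONF_LEGACY_FALSE),
                          ("4.1.0", CONF_CONFLICT), ("4.2.0", CONF_UNSET)):
        print(version, assess(version, conf))
```

Run it against the metastore's own metastore-site.xml or hive-site.xml (whichever the deployment uses) rather than a client-side copy, since the property only matters on the server. A result of "ambiguous" is a prompt to fix the configuration so that a single spelling is present, after which the verdict is unambiguous.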


Technical Details

Data Version
5.2
Assigner Short Name
apache
Date Reserved
2025-10-21T07:37:11.650Z
Cvss Version
null
State
PUBLISHED

Threat ID: 6926bfc71118926627fad662

Added to database: 11/26/2025, 8:52:23 AM

Last enriched: 12/3/2025, 9:18:23 AM

Last updated: 1/10/2026, 10:15:06 PM
