
CVE-2025-9608: SQL Injection in Portabilis i-Educar

Severity: Medium
Published: Fri Aug 29 2025 (08/29/2025, 03:02:09 UTC)
Source: CVE Database V5
Vendor/Project: Portabilis
Product: i-Educar

Description

A vulnerability has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/view of the component Formula de Cálculo de Média Page. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 08/29/2025, 03:32:42 UTC

Technical Analysis

CVE-2025-9608 is a medium severity SQL Injection vulnerability affecting Portabilis i-Educar versions up to 2.10. The vulnerability resides in the /module/FormulaMedia/view component, specifically within the Formula de Cálculo de Média Page. The issue arises from improper sanitization or validation of the 'ID' argument, allowing an attacker to manipulate this parameter to inject malicious SQL code. This injection can be exploited remotely without requiring user interaction or elevated privileges, making it accessible to unauthenticated remote attackers. The vulnerability can lead to unauthorized access or modification of the underlying database, potentially exposing sensitive educational data or allowing data tampering. The CVSS 4.0 score of 5.3 reflects a medium severity, considering the attack vector is network-based, with low complexity, no privileges or user interaction required, but with limited impact on confidentiality, integrity, and availability. Although no known exploits are currently reported in the wild, the public disclosure of the vulnerability increases the risk of exploitation by threat actors. The lack of available patches or mitigations at the time of publication further heightens the urgency for affected organizations to implement protective measures.

Potential Impact

For European organizations using Portabilis i-Educar, particularly educational institutions, this vulnerability poses a risk of unauthorized data access and manipulation. The potential exposure of student records, grades, and other sensitive educational information could lead to privacy violations under GDPR regulations, resulting in legal and reputational consequences. Additionally, data integrity issues could disrupt academic processes and reporting. The remote exploitability without authentication increases the threat surface, making it easier for attackers to target these systems. Given that i-Educar is an education management platform, any compromise could also impact operational availability, affecting the continuity of educational services. The medium severity rating suggests that while the impact is significant, it may not lead to full system compromise or widespread disruption unless combined with other vulnerabilities or misconfigurations.

Mitigation Recommendations

European organizations should prioritize the following specific actions:

1) Immediate assessment of i-Educar deployments to identify affected versions (2.0 through 2.10).
2) Monitor vendor communications for official patches or updates addressing CVE-2025-9608 and apply them promptly upon release.
3) Implement Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection attempts targeting the 'ID' parameter in the FormulaMedia module.
4) Conduct input validation and sanitization at the application level if custom modifications are possible, ensuring that the 'ID' parameter only accepts expected numeric or alphanumeric values.
5) Restrict network access to the i-Educar application to trusted IP ranges where feasible, reducing exposure to external attackers.
6) Enable detailed logging and monitoring of database queries and application access to detect anomalous activities indicative of exploitation attempts.
7) Educate IT staff and administrators about the vulnerability and encourage rapid incident response readiness.

These measures go beyond generic advice by focusing on immediate tactical controls and proactive monitoring tailored to the specific vulnerability context.
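Recommendations 4 and 6 can be checked mechanically. The following is an added example, not code from i-Educar or from the advisory: it parses constructed access-log lines, selects requests to /module/FormulaMedia/view, and flags any whose ID value is not a plain integer, which is the shape recommendation 4 says the parameter should accept. The query key name "id", the combined log format and the sample addresses are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint named in the advisory. The query key is an assumption and is matched
# case-insensitively so that "id=" and "ID=" are treated alike.
FORMULA_MEDIA_PATH = "/module/FormulaMedia/view"
ID_PARAM = "id"
NUMERIC_ID = re.compile(r"[0-9]{1,10}")   # expected shape: a short integer record id

# Constructed sample log lines (combined log format, RFC 5737 test addresses); not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [29/Aug/2025:03:05:11 +0000] "GET /module/FormulaMedia/view?id=42 HTTP/1.1" 200 5120
203.0.113.11 - - [29/Aug/2025:03:05:13 +0000] "GET /module/FormulaMedia/view?id=42%20OR%201%3D1 HTTP/1.1" 200 9931
203.0.113.12 - - [29/Aug/2025:03:05:15 +0000] "GET /module/Other/view?id=7%27 HTTP/1.1" 200 300
203.0.113.13 - - [29/Aug/2025:03:05:17 +0000] "GET /module/FormulaMedia/view?ID=9%27 HTTP/1.1" 500 0
"""

# client, timestamp, method, request target, status
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')


def id_is_valid(value: str) -> bool:
    """True when an already URL-decoded ID has the numeric shape the endpoint expects.

    fullmatch (rather than match) rejects trailing garbage such as "42\\n" or "42 ".
    """
    return NUMERIC_ID.fullmatch(value) is not None


def suspicious_requests(log_text: str) -> list[dict]:
    """Return requests to the FormulaMedia view whose ID is not a plain integer."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue                      # not a request line we understand; skip, do not crash
        client, ts, method, target, status = m.groups()
        url = urlsplit(target)
        if url.path != FORMULA_MEDIA_PATH:
            continue                      # other modules are out of scope for this rule
        # parse_qs percent-decodes once; keep_blank_values so "id=" is also examined
        params = {k.lower(): v for k, v in parse_qs(url.query, keep_blank_values=True).items()}
        for decoded in params.get(ID_PARAM, []):
            if not id_is_valid(decoded):
                findings.append({"client": client, "time": ts, "method": method,
                                 "status": status, "id": decoded})
    return findings


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

The same `id_is_valid` check is what an application-level guard would apply before the value ever reaches a query; the log rule only confirms whether anyone has been sending values outside that shape.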


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-08-28T15:28:19.407Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68b11bdcad5a09ad0073ad51

Added to database: 8/29/2025, 3:17:48 AM

Last enriched: 8/29/2025, 3:32:42 AM

Last updated: 8/29/2025, 4:22:03 AM
