June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
TAG-124: The Emerging Threat Behind Targeted Malware Campaigns – Active IOCs
April 29, 2025
LokiBot Malware – Active IOCs
April 29, 2025
TAG-124: The Emerging Threat Behind Targeted Malware Campaigns – Active IOCs
April 29, 2025
LokiBot Malware – Active IOCs
April 29, 2025
Severity
Medium
Analysis Summary
CVE-2025-30703 CVSS:2.7
Vulnerability in the MySQL Server product of Oracle MySQL. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data.
CVE-2025-30704 CVSS:4.4
A vulnerability exists in Oracle MySQL Server. This vulnerability affects the Server: Components Services component and is considered difficult to exploit. An attacker with high-level network privileges can potentially compromise the MySQL Server through multiple protocols. If successfully exploited, the vulnerability could allow an unauthorized attacker to cause repeated system crashes or hang the MySQL Server, leading to a denial-of-service condition.
CVE-2025-30705 CVSS:4.9
A vulnerability exists in Oracle MySQL Server. The issue affects the Server: PS component and can be easily exploited by a high-privileged attacker with network access through multiple protocols. An attacker can potentially cause a hang or frequent crash of the MySQL Server, resulting in a denial of service (DOS) condition.
CVE-2025-30688 CVSS:6.5
Vulnerability in the MySQL Server product of Oracle MySQL. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2025-30689 CVSS:4.9
A vulnerability exists in Oracle MySQL Server product. This security issue is easily exploitable by a high-privileged attacker with network access through multiple protocols. An attacker can potentially cause a hang or frequent crash of the MySQL Server, resulting in a complete denial of service.
CVE-2025-30693 CVSS:5.5
Vulnerability in the MySQL Server product of Oracle MySQL. An easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data.
Impact
- Privilege Escalation
- Data Manipulation
- Denial of Service
- Gain Access
Indicators of Compromise
CVE
CVE-2025-30703
CVE-2025-30704
CVE-2025-30705
CVE-2025-30688
CVE-2025-30689
CVE-2025-30693
Affected Vendors
Oracle
Affected Products
- Oracle Mysql Server - 8.0.0 - 8.0.41
- Oracle Mysql Server - 8.4.0 - 8.4.4
- Oracle Mysql Server - 9.0.0 - 9.2.0
Remediation
Refer to the Oracle Security Advisory for patch, upgrade, or suggested workaround information.
