CVE-2025-27378

8.6 HIGH

📋 TL;DR

CVE-2025-27378 is a SQL injection vulnerability in Altium Enterprise Server (AES). It is present when the configuration option that enables AES's latest SQL parsing logic is not turned on: in that state, attacker-controlled input reaches SQL queries without that parsing and can be used to execute arbitrary SQL against the AES database. Deployments running with the option disabled are affected.

💻 Affected Systems

Products:
  • AES (Altium Enterprise Server)
Versions: Specific versions not specified in advisory
Operating Systems: Windows, Linux
Default Config Vulnerable: ✅ No
Notes: The vulnerability exists only when the configuration option that enables the latest SQL parsing logic is not enabled

📦 What is this software?

Altium Enterprise Server (AES) is Altium's on-premises server for managing electronic design data (components, libraries, and projects) shared by Altium Designer users, backed by a relational database.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data manipulation, or full system takeover via SQL injection escalation.

🟠

Likely Case

Unauthorized data access, privilege escalation, or data corruption through SQL injection attacks.

🟢

If Mitigated

Limited impact with proper input validation and configuration controls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an AES instance running with the latest SQL parsing logic disabled and a reachable input that the server passes into a SQL query

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in available reference

Vendor Advisory: https://www.altium.com/platform/security-compliance/security-advisories

Restart Required: Yes

Instructions:

1. Review the Altium security advisory for the specific patch version.
2. Apply the official patch from Altium.
3. Restart AES services.
4. Verify that the configuration option enabling the latest SQL parsing logic is active.

🔧 Temporary Workarounds

Enable SQL parsing configuration

Applies to: all versions

Activate the configuration option that enables the latest SQL parsing logic to prevent injection

Configuration steps depend on AES version and deployment; consult Altium documentation

Implement input validation

Applies to: all versions

Add application-level input validation for all SQL-related inputs

Implement parameterized queries and input sanitization in application code
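The following is an added example, not Altium's code and not taken from the advisory, showing why the parameterized-query workaround above matters. It uses a constructed in-memory SQLite table (the schema, data and the `lookup_*` function names are assumptions for illustration) and runs the same injection payload against a query built by string concatenation and against one using a bound parameter:

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for an application database;
    the schema and rows are illustrative, not AES's."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, name):
    """Builds the statement by concatenation: attacker-controlled text becomes
    part of the SQL grammar, so quotes and keywords change what the query does."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    """Binds the value as a parameter: the driver keeps it separate from the
    statement text, so the same payload is matched literally as a user name."""
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


if __name__ == "__main__":
    conn = make_db()
    for payload in ("bob", "x' OR '1'='1", "x' UNION SELECT name, role FROM users--"):
        print(repr(payload))
        print("  concatenated :", lookup_vulnerable(conn, payload))
        print("  parameterized:", lookup_parameterized(conn, payload))
```

With the concatenated query the tautology payload returns every row and the UNION payload reads whatever columns the attacker names; the parameterized query returns nothing for both because no user is literally named that. The same distinction applies whichever database AES is deployed against.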

🧯 If You Can't Patch

  • Enable the configuration that activates latest SQL parsing logic immediately
  • Implement network segmentation and restrict database access to only necessary systems

🔍 How to Verify

Check if Vulnerable:

Check whether the AES configuration has the latest SQL parsing logic disabled, and compare the installed version against the advisory

Check Version:

Check AES administration console or configuration files for version information

Verify Fix Applied:

Verify that the configuration shows the latest SQL parsing logic enabled and that the installed version matches the fixed release

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL query patterns
  • Failed authentication attempts with SQL-like payloads
  • Configuration change logs showing SQL parsing disabled

Network Indicators:

  • Unusual database connection patterns
  • SQL injection payloads in HTTP requests

SIEM Query:

source="aes_logs" AND (uri_query="*UNION*SELECT*" OR uri_query="*'*OR*'*=*" OR uri_query="*WAITFOR*DELAY*" OR uri_query="*--*" OR message="*SQL parsing*disabled*")

(The index name and the uri_query/message field names are placeholders; map them to the fields your AES log source actually emits. Searching for the literal phrase "sql injection" finds nothing in raw request logs, so the query has to match the SQL fragments themselves.)
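As an added example (not part of the original page and not based on Altium's actual log format), here is the detection logic behind those indicators run over a handful of constructed request-log lines. The log shape, the `/api/...` paths and the `10.0.0.x` addresses are assumptions; the point is to URL-decode each query parameter before pattern matching, and to match SQL that reshapes a query rather than every apostrophe, so a legitimate value like O'Brien does not fire:

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in a generic "timestamp ip method path status" shape.
# They stand in for AES request logs; the real AES log format is not shown here.
SAMPLE_LOGS = [
    "2025-03-01T10:00:01Z 10.0.0.5 GET /api/components?name=resistor 200",
    "2025-03-01T10:00:02Z 10.0.0.9 GET /api/components?name=x%27%20OR%20%271%27%3D%271 200",
    "2025-03-01T10:00:03Z 10.0.0.9 GET /api/components?name=x%27%20UNION%20SELECT%20username%2Cpassword%20FROM%20users-- 200",
    "2025-03-01T10:00:04Z 10.0.0.7 GET /api/projects?id=42 200",
    "2025-03-01T10:00:05Z 10.0.0.9 GET /api/projects?id=42%3B%20WAITFOR%20DELAY%20%270%3A0%3A5%27-- 500",
    "2025-03-01T10:00:06Z 10.0.0.3 GET /api/components?name=O%27Brien 200",
]

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<method>\S+) (?P<path>\S+) (?P<status>\d{3})$"
)

# Each pattern targets a construct that alters query structure, not a bare quote.
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\s*'?\d*'?\s*=", re.I),          # ' OR '1'='1 tautology
    re.compile(r"\bunion\b\s+(all\s+)?\bselect\b", re.I),      # UNION SELECT exfiltration
    re.compile(r";\s*(waitfor|drop|exec|shutdown)\b", re.I),   # stacked statements
    re.compile(r"(--|/\*)\s*$"),                               # trailing comment cutting off the rest
    re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(", re.I),    # time-based blind probes
]


def decoded_params(path):
    """Yields the URL-decoded value of every query parameter in a request path."""
    _, _, query = path.partition("?")
    for pair in query.split("&") if query else []:
        _, _, value = pair.partition("=")
        yield unquote_plus(value)


def find_sqli(lines):
    """Returns (timestamp, source ip, decoded value) for each request in which
    some decoded query parameter matches an injection pattern."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected shape
        for value in decoded_params(m["path"]):
            if any(p.search(value) for p in SQLI_PATTERNS):
                hits.append((m["ts"], m["ip"], value))
                break
    return hits


def top_sources(hits):
    """Counts hits per source address, most active first, for triage."""
    counts = {}
    for _, ip, _ in hits:
        counts[ip] = counts.get(ip, 0) + 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    hits = find_sqli(SAMPLE_LOGS)
    for ts, ip, value in hits:
        print(ts, ip, repr(value))
    print("top sources:", top_sources(hits))
```

On the sample lines the three injection attempts all come from one address while the apostrophe in O'Brien and the plain `id=42` lookup are left alone; decoding first is what lets `%27%20OR%20` be seen as `' OR `. Pair the hits with the configuration-change indicator above: an injection attempt that arrives after a log entry showing the SQL parsing option disabled is the combination this CVE makes dangerous.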

🔗 References

  • Altium security advisories: https://www.altium.com/platform/security-compliance/security-advisories