Summary: A new zero-day vulnerability (CVE-2025-1094) in PostgreSQL has been identified, enabling SQL injection via the psql interactive terminal, which has been linked to exploits against BeyondTrust Remote Support products. The exploitation of this PostgreSQL flaw has been confirmed as a critical component used in attacks, including those compromising systems at the US Treasury Department. Rapid7 has released patches and tools relating to this vulnerability, urging immediate attention from affected organizations.
Affected: PostgreSQL, BeyondTrust Remote Support, U.S. Treasury Department
Keypoints :
- Vulnerability allows SQL statements to trigger SQL injection within PostgreSQL’s psql terminal.
- Exploitation connects to remote code execution attacks against BeyondTrust systems, affecting US Treasury machines.
- Rapid7 has issued a Metasploit module for automating attacks on vulnerable BeyondTrust systems.