CVE-2025-54788
Published: 07 August 2025
Summary
CVE-2025-54788 is a high-severity SQL Injection (CWE-89) vulnerability in SalesAgility SuiteCRM. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 31.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly prevents SQL injection vulnerabilities like CVE-2025-54788 by enforcing validation and sanitization of inputs to the InboundEmail module before database queries.
- SI-2 (Flaw Remediation): Requires timely identification, reporting, and correction of flaws such as the SQL injection in SuiteCRM fixed in version 7.14.7.
- Ensures the organization receives and acts on security advisories for vulnerabilities like CVE-2025-54788 to enable prompt patching.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Authenticated SQL injection in SuiteCRM (CRM software) enables arbitrary DB query execution for exploiting public-facing web apps (T1190), collecting data from CRM/databases (T1213.004/T1213.006), manipulating stored data (T1565.001), and destroying data (T1485).
NVD Description
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions and below, the InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This can have wide-reaching implications on confidentiality, integrity, and availability, as database data can be retrieved, modified, or removed entirely. This issue is fixed in version 7.14.7.
Deeper analysis
CVE-2025-54788 is a SQL injection vulnerability in the InboundEmail module of SuiteCRM, an open-source enterprise Customer Relationship Management (CRM) software application. The flaw allows arbitrary execution of queries against the backend database in affected versions and below, potentially compromising confidentiality, integrity, and availability by enabling data retrieval, modification, or deletion. It is rated 8.8 on the CVSS 3.1 scale (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-89. The issue was published on 2025-08-07 and fixed in SuiteCRM version 7.14.7.
An authenticated attacker with low privileges can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation grants the ability to execute arbitrary SQL queries, leading to high-impact outcomes such as extracting sensitive database contents, altering records, or deleting data entirely, which could result in complete compromise of the CRM instance.
SuiteCRM's release notes and security advisory recommend upgrading to version 7.14.7, where the InboundEmail module has been patched to prevent arbitrary query execution. Relevant resources include the official documentation at https://docs.suitecrm.com/admin/releases/7.14.x/#_7_14_7 and the GitHub advisory at https://github.com/SuiteCRM/SuiteCRM/security/advisories/GHSA-v3m9-8wg7-c72x.
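The SI-10 control above comes down to one rule: user-supplied data must never become part of the SQL text. The following is an added illustration, not SuiteCRM code and not the actual CVE-2025-54788 code path (SuiteCRM is PHP; Python with SQLite is used here only so the example runs stand-alone). The `inbound_email` table and its rows are constructed for this example. It places the CWE-89 pattern (string-built query) beside its hardened form (bound parameter), and adds the caveat a practitioner needs: identifiers such as an ORDER BY column cannot be bound, so those require an allowlist check instead.

```python
import sqlite3

# Constructed sample rows standing in for a CRM's inbound-email records.
# Hypothetical schema for this example only, not SuiteCRM's InboundEmail table.
SAMPLE_ROWS = [
    ("support-mailbox", "Active", 0),
    ("sales-mailbox", "Active", 0),
    ("old-mailbox", "Inactive", 1),  # soft-deleted; normal queries must not return it
]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE inbound_email ("
        "id INTEGER PRIMARY KEY, name TEXT NOT NULL, "
        "status TEXT NOT NULL, deleted INTEGER NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO inbound_email (name, status, deleted) VALUES (?, ?, ?)",
        SAMPLE_ROWS,
    )
    conn.commit()
    return conn


def find_by_name_vulnerable(conn, name):
    """CWE-89 pattern: the input is spliced into the SQL text, so a crafted
    value can change the query's structure instead of acting as a value."""
    sql = f"SELECT id, name FROM inbound_email WHERE name = '{name}' AND deleted = 0"
    return conn.execute(sql).fetchall()


def find_by_name_safe(conn, name):
    """Hardened form: the SQL text is fixed and the value travels as a bound
    parameter, so whatever the input contains it is compared, never parsed."""
    sql = "SELECT id, name FROM inbound_email WHERE name = ? AND deleted = 0"
    return conn.execute(sql, (name,)).fetchall()


# Identifiers (the ORDER BY column) cannot be bound as parameters, so input
# validation there means an allowlist of known column names.
ALLOWED_SORT_COLUMNS = {"id", "name", "status"}


def list_sorted_safe(conn, order_by):
    """Sort by a caller-chosen column, accepting only allowlisted identifiers."""
    if order_by not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unsupported sort column: {order_by!r}")
    sql = f"SELECT id, name FROM inbound_email WHERE deleted = 0 ORDER BY {order_by}"
    return conn.execute(sql).fetchall()


def demo():
    """Run the same malformed input through both query styles.

    No mailbox is named "x", so a correct lookup returns no rows. The
    string-built query instead returns every non-deleted row, because the
    input rewrote the WHERE clause; the bound-parameter query returns none.
    """
    conn = make_db()
    malformed = "x' OR '1'='1"
    return {
        "vulnerable_rows": len(find_by_name_vulnerable(conn, malformed)),
        "safe_rows": len(find_by_name_safe(conn, malformed)),
        "sorted_names": [name for _, name in list_sorted_safe(conn, "name")],
    }


if __name__ == "__main__":
    print(demo())
```

The design point is that parameter binding is the fix for values, while allowlisting is the fix for identifiers and keywords; escaping or "sanitizing" the string is neither, because it leaves the query's structure under the caller's control. Reviewing a codebase for the `f"... '{name}' ..."` shape (or its PHP equivalent of string concatenation into a query) is the quickest way to find the pattern this CVE describes.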
Details
- CWE(s)