CVE-2025-64092
Published: 09 January 2026
Summary
CVE-2025-64092 is a high-severity SQL Injection (CWE-89) vulnerability in Zenitel Icx500 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 8.1 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-64092 is an SQL injection vulnerability (CWE-89) present in Zenitel products. It enables unauthenticated attackers to inject SQL requests into GET request parameters, allowing direct queries against the underlying database. The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting network accessibility, low attack complexity, no required privileges or user interaction, and high confidentiality impact with no integrity or availability effects.
Unauthenticated remote attackers can exploit the vulnerability by sending specially crafted GET requests to the affected component. Exploitation grants direct read access to the database, enabling extraction of sensitive data stored within it.
Zenitel has published a security advisory detailing the vulnerability at https://www.zenitel.com/sites/default/files/2025-12/A100K12333%20Zenitel%20Security%20Advisory.pdf, which security practitioners should consult for mitigation guidance and patch information.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-1761
Vulnerability details
This vulnerability allows unauthenticated attackers to inject an SQL request into GET request parameters and directly query the underlying database.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in public-facing web component enables remote unauthenticated exploitation (T1190) and direct database queries for sensitive data extraction (T1213.006).
Mitigating Controls (NIST 800-53 r5)
Directly mitigates CVE-2025-64092 by requiring timely patching of the SQL injection flaw in Zenitel products as detailed in the vendor advisory.
Prevents SQL injection exploitation by validating and sanitizing unauthenticated GET request parameters before they reach the database.
Restricts malicious SQL payloads in GET parameters through input type, format, and quantity limitations, reducing the attack surface for unauthenticated queries.