CVE-2025-8324
Published: 11 November 2025
Summary
CVE-2025-8324 is a critical-severity SQL Injection (CWE-89) vulnerability. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 7.1% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
Zohocorp ManageEngine Analytics Plus versions 6170 and below contain an unauthenticated SQL injection vulnerability (CWE-89) stemming from improper filter configuration. The flaw carries a CVSS 3.1 base score of 9.8 with network attack vector, low complexity, and no required authentication or user interaction, allowing complete compromise of confidentiality, integrity, and availability.
An attacker with network access to the affected Analytics Plus instance can submit crafted requests that bypass filters and execute arbitrary SQL commands against the backend database. Successful exploitation grants the ability to read, modify, or delete data and potentially escalate to full system control without any credentials.
The vendor has published an advisory at https://www.manageengine.com/analytics-plus/CVE-2025-8324.html that addresses the issue. The associated EPSS score has remained flat at 0.0912 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-84350
Vulnerability details
Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to unauthenticated SQL injection due to improper filter configuration.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unauthenticated SQL injection in a public-facing web application directly enables T1190 (Exploit Public-Facing Application). Exploitation facilitates arbitrary SQL queries for data exfiltration from databases (T1213.006).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly mitigates unauthenticated SQL injection by requiring validation of all information inputs, so that attacker-supplied text cannot be executed as SQL.
- SI-2 (Flaw Remediation): requires timely identification, reporting, and correction of flaws such as this SQL injection vulnerability through patching.
- CM-6 (Configuration Settings): ensures establishment and enforcement of secure configuration settings, including proper filter configuration, which addresses the improper filter handling behind this SQL injection.
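To make the "improper filter configuration" failure mode and the SI-10 mitigation concrete, the following added example (not code from ManageEngine or this advisory) models a report-filter endpoint with a hypothetical schema: a version that concatenates the caller's filter column and value into SQL next to a hardened version that allowlists the column and binds the value as a parameter.

```python
import sqlite3

# Constructed sample data: an in-memory "reports" table. This is an assumed
# schema for illustration, not Analytics Plus's real database layout.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE reports (id INTEGER, owner TEXT, title TEXT)")
    db.executemany(
        "INSERT INTO reports VALUES (?, ?, ?)",
        [(1, "alice", "Q1 sales"), (2, "bob", "Q1 costs"), (3, "alice", "Q2 sales")],
    )
    return db

# The columns a report filter may legitimately reference: the explicit
# allowlist that SI-10 (input validation) calls for.
FILTER_COLUMNS = {"id", "owner", "title"}

def filter_vulnerable(db, column, value):
    # Improper filter handling: both the column name and the comparison value
    # are pasted into the query text, so whoever controls the filter (here an
    # unauthenticated caller) controls the SQL that runs.
    sql = f"SELECT id FROM reports WHERE {column} = '{value}'"
    return [row[0] for row in db.execute(sql)]

def filter_hardened(db, column, value):
    # Validate the column against the allowlist (identifiers cannot be bound as
    # parameters) and bind the value, so it is only ever compared as data.
    if column not in FILTER_COLUMNS:
        raise ValueError(f"filter column not allowed: {column!r}")
    sql = f"SELECT id FROM reports WHERE {column} = ?"
    return [row[0] for row in db.execute(sql, (value,))]

if __name__ == "__main__":
    db = make_db()
    print(filter_hardened(db, "owner", "alice"))   # [1, 3]
    print(filter_hardened(db, "owner", "' OR '1'='1"))  # [] - treated as a literal owner name
```

The same tautology string handed to `filter_vulnerable` returns every row, which is the behaviour the advisory describes as arbitrary SQL execution against the backend database.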