Vulnerability Description
Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet, potentially affecting data confidentiality, integrity, and availability. Users and administrators of affected product versions are advised to update to the latest versions immediately.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advantech | Iot Edge Linux Docker | < 2.0.2 |
| Advantech | Iot Edge Windows | < 2.0.2 |
| Advantech | Iotsuite Growth Linux Docker | < 2.0.2 |
| Advantech | Iotsuite Saas Composer | < 3.4.15 |
| Advantech | Iotsuite Starter Linux Docker | < 2.0.2 |
Related Weaknesses (CWE)
References
- https://www.csa.gov.sg/alerts-and-advisories/alerts/alerts-al-2026-001/MitigationThird Party Advisory
FAQ
What is CVE-2025-52694?
CVE-2025-52694 is a vulnerability with a CVSS score of 10.0 (CRITICAL). Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet...
How severe is CVE-2025-52694?
CVE-2025-52694 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-52694?
Check the references section above for vendor advisories and patch information. Affected products include: Advantech Iot Edge Linux Docker, Advantech Iot Edge Windows, Advantech Iotsuite Growth Linux Docker, Advantech Iotsuite Saas Composer, Advantech Iotsuite Starter Linux Docker.