CVE Tools
Sign in

CVE-2025-24975

Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External

Published: Aug 15, 2025Updated: Oct 9, 2025 Sources: CVE List NVDCWE-754
NVD MITRE
7.1CVSSHIGH
EPSS Score
0.5%
Top 62.8%
CISA KEV
Not in KEV
Exploits
2 Known
Remediation
Patch Available

Description

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when created versus what is available could result in a segfault in the server process. Encrypted databases, accessed by execute statement on external, may be accessed later by an attachment missing a key to that database. In a case when execute statement are chained, segfault may happen. Additionally, the segfault may affect unencrypted databases. This issue has been patched in snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609 and point releases 4.0.6 and 5.0.2. A workaround for this issue involves setting ExtConnPoolSize equal to 0 in firebird.conf.

CVSS Vector Breakdown

AV:NAC:HPR:LUI:NS:UC:HI:HA:L
Exploitability
AV:NAttack Vector
Network
AC:HAttack Complexity
High
PR:LPrivileges Required
Low
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:HConfidentiality
High
I:HIntegrity
High
A:LAvailability
Low
Open in CVSS calculator →

Weaknesses

CWE-754

Affected Products

firebirdfirebirdsql
On-prem
Databases / relational
firebirdFirebirdSQL
On-prem
Databases / relational
firebirdsqloss-projectDatabasesaka firebird

Exploitability

2 exploit sources identified

Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.

View exploit details
Official Patch Available
Workaround Available

References

https://github.com/FirebirdSQL/firebird/commit/658abd20449f72097fbbce57e8e6ae42ff837fb6
github.com
https://github.com/FirebirdSQL/firebird/issues/8429
github.com
https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-fx9r-rj68-7p69
github.com
and 2 more references View all →

Timeline

Published
Aug 15, 2025
Last Updated
Oct 9, 2025

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2025-24975 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows