Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.
February 13, 2025 By Ryan Naraine
Security researchers at Rapid7 on Thursday flagged the discovery of a new zero-day vulnerability in PostgreSQL that appears to have been a critical component in a chain of attacks against a BeyondTrust Remote Support product.
The vulnerability, tagged as CVE-2025-1094, affects the PostgreSQL interactive terminal psql and allows SQL statements containing untrusted but correctly escaped input to trigger SQL injection.
In an interesting twist, Rapid7 is directly connecting the exploitation of the PostgreSQL bug to remote code execution attacks against BeyondTrust Remote Support systems. The hacks have successfully compromised machines at the US Treasury Department.
