The Cyber Security Agency of Singapore (CSA) has issued a high-priority alert regarding a devastating vulnerability in Advantech’s IoT product line. The flaw, tracked as CVE-2025-52694, carries the maximum possible CVSS score of 10.0, indicating a critical threat that requires immediate attention from administrators.
The vulnerability is a SQL Injection flaw. According to the advisory, successful exploitation allows an “unauthenticated remote attacker to execute arbitrary SQL commands”.
This means that if a vulnerable service is exposed to the Internet, an attacker does not need a username or password to strike. They can simply send malicious commands to the database, potentially stealing sensitive data, modifying system configurations, or gaining full control over the connected IoT infrastructure.
The vulnerability was discovered by Mr. Loi Nguyen Thang from the HCMUTE Information Security Club, who collaborated with Advantech and CSA on the coordinated disclosure.
The vulnerability impacts several components of Advantech’s IoT ecosystem, particularly older versions of its management and edge software. The affected products and versions are:
- IoTSuite SaaSComposer: Versions prior to 3.4.15
- IoTSuite Growth Linux docker: Versions prior to V2.0.2
- IoTSuite Starter Linux docker: Versions prior to V2.0.2
- IoT Edge Linux docker: Versions prior to V2.0.2
- IoT Edge Windows: Versions prior to V2.0.2
Users and administrators are advised to update to the latest versions immediately to close this security gap. The update path varies by product:
- Manual Request: Users of IoTSuite SaaSComposer, IoTSuite Growth Linux docker, and IoT Edge Windows must contact Advantech support directly to obtain the official fixed version.
- Direct Download: Updates for IoTSuite Starter Linux docker and IoT Edge Linux docker are available for download via Advantech’s official channels.