CVE-2025-12405
BaseFortify
Publication date: 2025-11-10
Last updated on: 2025-11-12
Assigner: GoogleCloud
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| | looker_studio | 4.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Looker Studio allows a user with only report view access to copy a report and execute arbitrary SQL commands on the connected database. This happens because the copied report retains the original owner's stored database credentials, enabling the attacker to bypass permission restrictions and run malicious SQL queries through the 'Custom Query' feature on JDBC-based connectors like PostgreSQL. [1]
How can this vulnerability impact me?
An attacker exploiting this vulnerability can insert, delete, or exfiltrate data from your database without having direct access to credentials. This can lead to unauthorized data manipulation, data loss, or data theft, potentially compromising the integrity and confidentiality of your database. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unusual report copying activities by users with only view permissions in Looker Studio. Specifically, detection involves checking if a user with report view access copies a report and then uses the 'Custom Query' feature to execute SQL commands on the data source. A proof of concept involves steps such as accessing a victim's report with view-only rights, copying the report, managing and editing the PostgreSQL data source, and running malicious SQL queries. While no specific commands are provided, monitoring Looker Studio logs for report copy events by view-only users and subsequent custom query executions could help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
The vulnerability was patched by Google and the fix was deployed to production by August 2025. No customer action is needed as per the official description. Immediate mitigation involves ensuring that your Looker Studio environment is updated with the latest patches released after July 21, 2025. Additionally, monitoring user activities for suspicious report copying and custom query executions can help mitigate risk until the patch is confirmed applied. [1]