Privilege Escalation in MongoDB BI Connector ODBC Driver
CVE-2025-12100
8.8HIGH
What is CVE-2025-12100?
The MongoDB BI Connector ODBC driver contains an incorrect default permissions vulnerability that could lead to privilege escalation. This issue affects multiple versions, allowing unauthorized users to gain elevated access and potentially manipulate data or system functions. Promptly updating to the latest version is essential to mitigate this security risk.
Affected Version(s)
BI Connector ODBC driver Windows 1.0.0 <= 1.4.6
References
CVSS V4
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved