SQL Injection Vulnerability in Rolantis Agentis Software
CVE-2025-4285

10CRITICAL

Key Information:

Vendor: Rolantis Information Technologies
Status: Agentis
Vendor: CVE Published:; 22 July 2025

🔔 Create Rolantis Information Technologies Vulnerability Alert

What is CVE-2025-4285?

An SQL Injection vulnerability exists in Rolantis Information Technologies' Agentis software, allowing attackers to manipulate SQL queries and execute unauthorized commands within the database. This flaw particularly impacts versions prior to 4.32, putting user data and overall system integrity at risk. Effective measures, including software updates and secure coding practices, are essential to mitigate this vulnerability and protect sensitive information.

Affected Version(s)

Agentis 0 < 4.32

References

https://www.usom.gov.tr/bildirim/tr-25-0168

third-party-advisory

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 22, 2025
Vulnerability Reserved
May 5, 2025

Credit

Tunahan TEKEOGLU