Microsoft has disclosed a serious security flaw in SQL Server 2025 that could allow an attacker with even low-level database access to completely take over the underlying server. The vulnerability, designated CVE-2026-54117, was published on July 14, 2026, as part of the regular Patch Tuesday updates. It carries a CVSS 3.1 severity score of 8.8, placing it firmly in the “high” risk category.

The vulnerability at a glance

The bug is a deserialization of untrusted data weakness (CWE-502) that can be exploited by sending malicious payloads over the network. An authorized attacker—someone who already has a legitimate account, even with minimal privileges—can leverage the flaw to execute arbitrary code within the SQL Server process. Because no user interaction is required and attack complexity is low, a successful exploit can be automated and repeated reliably.

The CVSS vector breaks down as follows:

  • Attack Vector (AV): Network – The exploit can be delivered over a network connection, including the internet.
  • Attack Complexity (AC): Low – No special conditions or deep system knowledge are required for repeatable success.
  • Privileges Required (PR): Low – The attacker must have a valid SQL Server login, but it can be a minimal-privilege account.
  • User Interaction (UI): None – No one needs to click a link or open a file.
  • Scope (S): Unchanged – The impact is contained within the SQL Server process’s security context.
  • Impact (C/I/A): High/High/High – Full compromise of confidentiality, integrity, and availability.

These ratings mean that once an attacker obtains any level of database access—through stolen credentials, an application flaw, or lateral movement—they can potentially escalate to complete host control. The vulnerability does not require local or physical access, making it especially dangerous for SQL Server instances that are reachable from the network, whether directly exposed to the internet or sitting inside a corporate intranet.

How the attack works

At its core, CVE-2026-54117 arises because SQL Server improperly deserializes data from untrusted sources. Deserialization is the process of converting data from a stored format (like JSON or XML) back into live objects. When an application deserializes attacker-supplied data without rigorous validation, it can open the door to code execution. In this case, the vulnerable component exists inside the SQL Server service itself, meaning the code runs with the privileges of that process.

Microsoft’s advisory confirms that exploitation is “remotely exploitable” over a network and that “an attacker does not require significant prior knowledge of the system.” The exact technical details have not been publicly released, but deserialization bugs often involve crafting a specific object chain that, when reconstructed, triggers the execution of system commands. Although exploiting the flaw requires a working payload, the low complexity indicates that once such a payload is developed, it will work consistently across suitable targets.

Who is at risk

Home users and developers: If you run SQL Server 2025 on a personal machine for learning, testing, or small projects, the risk depends heavily on your network exposure. A local instance with no external connections is unlikely to be directly attacked, but if your machine is ever connected to a compromised network or if you enable remote access, the vulnerability becomes a serious threat.

Businesses and IT administrators: Any organization running SQL Server 2025 in a production environment must treat this as a priority. The most immediate danger is to instances that are directly reachable from the internet—perhaps through misconfigured firewall rules, a cloud virtual machine with a public IP, or a port-forwarded connection. However, even servers that are completely internal are vulnerable to lateral movement. An attacker who first breaches a lightly defended workstation or web server can then use stolen SQL credentials to compromise the database server. Once on the database host, they can steal sensitive data, plant ransomware, or move deeper into the network.

Cloud deployments: Users of Azure SQL Managed Instance or SQL Server on Azure VMs may be affected if they run the vulnerable on-premises build and haven’t yet applied the patch. Microsoft’s advisory lists the fixed versions for both the Cumulative Update (CU) and General Distribution Release (GDR) servicing branches. Cloud administrators should verify their instances’ patch levels and ensure automated patching or manual updates are completed.

Service accounts and permissions: SQL Server typically runs under a specific Windows service account, such as a domain user, managed service account, or the built-in NT Service\\MSSQLSERVER. Any code executed through this vulnerability runs with those privileges. If the service account has excessive rights—like local administrator or domain permissions—the impact of a breach becomes catastrophic. Reviewing and tightening those privileges is a critical defensive measure.

How we got here

CVE-2026-54117 is the latest in a series of high-impact deserialization flaws that have affected various Microsoft products over the years. While SQL Server itself has a strong security track record, the complexity of modern software and the inclusion of rich data-handling features inevitably introduce attack surface. This particular vulnerability was reported through Microsoft’s regular disclosure process and fixed in the July 2026 security update cycle.

The fix arrives through two separate servicing pipelines: the Cumulative Update (CU) branch, which includes all fixes and improvements up to that point, and the General Distribution Release (GDR) branch, which supplies only the security fix. Organizations that normally stay on GDR for stability can apply the narrow security update without adopting the entire CU. This flexible model is standard for SQL Server, but it also means you must be certain which branch your instance follows before patching.

What to do now: a step-by-step patching guide

1. Inventory your SQL Server 2025 instances

Run the following query on every server you manage to determine the exact build number:

SELECT @@VERSION

Look for version numbers that start with 17.0. Compare against these safe builds:

  • Cumulative Update (CU): 17.0.4060.2 or higher
  • General Distribution Release (GDR): 17.0.1125.2 or higher

If your build is lower, you are vulnerable and must update. Don’t guess—verify each instance individually.

2. Choose the correct update

  • If your instance currently runs a cumulative update, apply the latest CU that includes the fix (17.0.4060.2 or later).
  • If your instance stays on the GDR branch, apply only the GDR security update (17.0.1125.2).
  • Do not switch branches casually; mixing branches can cause update failures or feature discrepancies.

Download the patches from the Microsoft Update Catalog or use your preferred deployment tool (WSUS, SCCM, Azure Update Manager). For cloud VMs, consider applying updates during a planned maintenance window.

3. Lock down network access

While the patch is being deployed, close unnecessary paths to your SQL Server. Key actions:

  • Remove any internet-accessible SQL Server ports (default 1433 and any custom ports) from your firewall or security group rules.
  • Restrict SQL Server connectivity to only the application servers, management IPs, and jump hosts that truly need it.
  • Review cloud load balancer, NAT gateway, and VPN configurations; SQL Server Browser service (UDP 1434) can leak instance information and should be disabled if not required.
  • Apply network segmentation: keep database servers in a dedicated subnet that blocks inbound traffic from untrusted zones.

4. Harden accounts and monitor for signs of compromise

  • Rotate credentials: Change all SQL Server logins, especially service accounts, application accounts, and any accounts that have low-privilege access. An attacker who captured such credentials can still use them until they are changed.
  • Review service account rights: The SQL Server service should not run with local administrator or domain admin privileges. Use the principle of least privilege: a domain user with the necessary ACLs is often sufficient.
  • Enable logging: Turn on SQL Server audit, failed login tracking, and Windows event log monitoring. Watch for unusual connection attempts, login failures, and child processes spawned by the SQL Server service—especially commands like cmd.exe, powershell.exe, or unexpected network connections originating from sqlservr.exe.
  • Apply additional security measures: If possible, enable Always Encrypted for sensitive columns, enforce multi-factor authentication for database administrators, and use just-in-time access solutions to limit exposure.

Until the patch is applied universally, these defensive layers are your best bet for reducing the chance of a successful attack.

What comes next

No public proof-of-concept exploit has been linked to CVE-2026-54117 as of July 14, 2026, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) had not observed any active exploitation at that time. That status will likely change. With network reachability, low complexity, and a high-impact payload, this vulnerability is a prime candidate for rapid exploit development. IT teams should expect working exploits to appear within weeks, if not days, and should treat the patching window as extremely short.

Microsoft will undoubtedly release additional guidance if in-the-wild attacks surface. Monitor the Security Response Center page for this CVE and subscribe to your SQL Server update channel. Because deserialization bugs can sometimes be mitigated through configuration changes before patching, watch for any such interim advice.

The bigger picture remains clear: SQL Server 2025 is a new release with a long lifecycle ahead, and security will be an ongoing responsibility. Patching early, segmenting networks, and locking down service accounts are habits that pay off well beyond this single vulnerability.