CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Privilege Escalation in Aurora PostgreSQL using AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, AWS PGSQL ODBC driver

lowCVE-2025-12967
Bulletin ID: AWS-2025-028 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/11/10 10:15 AM PDT Description: Amazon Aurora PostgreSQL a fully managed relational database engine that's compatible with PostgreSQL. We identified CVE-2025-12967, an issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. Impacted versions: - AWS JDBC Wrapper <2.6.5 - AWS Go Wrapper <2025-10-17 - AWS NodeJS Wrapper <2.0.1 - AWS Python Wrapper <1.4.0 - AWS ODBC driver <1.0.1

CSIRTS triage

vendor: Amazonproduct: Aurora PostgreSQLPrivilege escalationaffected: AWS JDBC Wrapper <2.6.5, AWS Go Wrapper <2025-10-17, AWS NodeJS Wrapper <2.0.1, AWS Python Wrapper <1.4.0, AWS ODBC driver <1.0.1
What
An issue may allow for privilege escalation to the rds_superuser role.
Who is affected
Low privilege authenticated users of the specified AWS wrappers.
Urgency
Remediation is important due to the potential for privilege escalation.
Action
Upgrade to versions equal to or greater than the specified thresholds.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Aurora PostgreSQL

Get an email when a new Aurora PostgreSQL advisory drops — max one per day, one-click unsubscribe.

Details

Source
AWS Security Bulletins (INTL · vendor-psirt · site)
Severity
low
Published
2026-06-05
Exploitation
Not in CISA KEV at last sync

Original advisory: https://aws.amazon.com/security/security-bulletins/rss/aws-2025-028/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2025-12967coverage & exploitation statusNVD · CVE.org

Recent advisories for Privilege Escalation in

A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.

More from AWS Security Bulletins