Critical Vulnerability Information Vulnerability Title Non-authorized (without secret key) access to encrypted database using execute statement on external. Severity Severity: High (7.1/10) CVSS v3 base metrics: - Attack vector: Network - Attack complexity: High - Privileges required: Low - User interaction: None - Scope: Unchanged - Confidentiality: High - Integrity: High - Availability: Low Affected Scope Package: All Firebird versions starting with 4.0.0. Affected versions: <= 4.0.7, <= 5.0.3 Patched versions: Equal or greater than: 6.0.0.609, 5.0.2.1610, 4.0.6.3183 Description and Impact Connections stored in ExtConnPool are not verified for the presence and suitability of the CryptCallback interface used when they were created versus what is currently available. An additional issue with this vulnerability is that using an inappropriate CryptCallback interface may cause a segfault in the server process. To be impacted by this vulnerability, one must use ExtConnPool (i.e., set the ExtConnPoolSize parameter in firebird.conf to a non-zero value). An encrypted database accessed via an statement on external may later be accessed by an attachment that lacks the key to that database. In cases where statements are chained, a segfault may occur. Worse still, a segfault may occur even for unencrypted databases. Mitigation Currently, one can use the following or later snapshots: - 6.0.0.609 - 5.0.2.1610 - 4.0.6.3183 or point releases: - 5.0.2 - 4.0.6 The fix for #8429 included in these versions also resolves this GHSA. Solution Set in firebird.conf. This is the default value — i.e., if you have never modified it, you are not affected. CVE ID CVE-2025-24975 Weaknesses No CWEs