Critical Security Update: CVE-2025-12742 Teradata Command Injection Vulnerability in Looker

Overview

This article provides information about a critical security vulnerability identified as CVE-2025-12742 affecting both Looker-hosted and self-hosted instances of Looker. This vulnerability allows a Looker user with a Developer role to potentially execute malicious commands due to insecure processing of Teradata driver parameters.

While Looker-hosted instances have already been mitigated, it is imperative that users with self-hosted instances take immediate action to upgrade to a patched version.

Technical Details

CVE-2025-12742 arises from the insufficient validation and sanitization of input parameters used when Looker connects to Teradata databases. A malicious actor with Developer privileges can craft specific Teradata driver parameters that, when processed by Looker, result in the execution of arbitrary commands on the underlying system. This could lead to unauthorized access, data breaches, or system compromise.

CVSS Analysis

No CVSS score is currently available for CVE-2025-12742 (it is listed as N/A). However, because the flaw can lead to arbitrary command execution, it should be treated as high severity and addressed promptly.

Possible Impact

Successful exploitation of CVE-2025-12742 could have severe consequences:

  • Unauthorized Access: An attacker could gain unauthorized access to sensitive data stored within Looker and potentially the underlying database.
  • Data Breaches: The vulnerability could be leveraged to exfiltrate confidential information, leading to a data breach.
  • System Compromise: Arbitrary command execution could allow an attacker to compromise the entire Looker server, potentially affecting other systems within the network.

Mitigation and Patch Steps

For Looker-hosted instances: No action is required. This issue has already been mitigated by Google Cloud.

For Self-hosted instances: It is crucial to upgrade your Looker instance to one of the following patched versions as soon as possible. You can download the latest versions from the Looker download page.

  • 24.12.108+
  • 24.18.200+
  • 25.0.78+
  • 25.6.65+
  • 25.8.47+
  • 25.12.10+
  • 25.14+

Please follow the official Looker upgrade documentation for detailed instructions on how to upgrade your instance.
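
To check an inventory of self-hosted instances against the patched versions listed above, a version check along these lines can be used. This is an added example, not code from Google or Looker. It assumes that each "+" entry is the minimum fixed build within that release line, that 25.14 and every later release line is fixed, and that release lines not in the list have no patched build; the hostnames and versions in the sample are constructed.

```python
import re

# Minimum fixed build per release line, copied from the list above.
PATCHED = {(24, 12): 108, (24, 18): 200, (25, 0): 78,
           (25, 6): 65, (25, 8): 47, (25, 12): 10}
FIRST_FIXED_LINE = (25, 14)  # "25.14+": this line and later, any build

def parse(version):
    """Return (major, minor, build) from strings such as '25.6.65'; build defaults to 0."""
    m = re.fullmatch(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?\s*", version)
    if not m:
        raise ValueError(f"unrecognised Looker version: {version!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)

def assess(version):
    """Classify one version as 'patched' or 'upgrade', with the reason."""
    major, minor, build = parse(version)
    line = (major, minor)
    if line >= FIRST_FIXED_LINE:
        return "patched", f"{major}.{minor} is at or after 25.14"
    need = PATCHED.get(line)
    if need is None:
        # Assumption: a release line with no listed fix has no patched build.
        return "upgrade", f"no patched build listed for {major}.{minor}"
    if build >= need:
        return "patched", f"build {build} >= {need}"
    return "upgrade", f"needs {major}.{minor}.{need} or later"

def audit(inventory):
    """Map instance name -> (status, reason); unparseable versions are flagged."""
    report = {}
    for name, version in inventory.items():
        try:
            report[name] = assess(version)
        except ValueError as exc:
            report[name] = ("unknown", str(exc))
    return report

# Constructed inventory for illustration; hostnames and versions are made up.
SAMPLE = {"bi-prod": "25.6.65", "bi-stage": "25.6.12", "bi-old": "24.20.5",
          "bi-new": "25.16.0", "bi-lab": "latest"}

if __name__ == "__main__":
    for host, (status, why) in audit(SAMPLE).items():
        print(f"{host:9} {status:8} {why}")
```

Instances reported as "unknown" should be checked by hand rather than assumed safe.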

References

Google Cloud Security Bulletin – GCP-2025-052
Looker Download Page

Published: 2025-11-25T06:15:45.333

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.
