MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
CVE-2012-5613
Score elevated to 9.0 because EPSS predicts 89% probability of exploitation within the next 30 days (top 0.5% of all CVEs). Confidence: see factors.
- No confirmed exploitation signals yet
No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.
- CVSS v3
- —
- EG Score
- 9.0(low)
- EPSS
- 98.1%
- KEV
- Not listed
Published
December 3, 2012
Last Modified
April 29, 2026
References (12)
- secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
- secalert@redhathttp://seclists.org/fulldisclosure/2012/Dec/6
- secalert@redhathttp://secunia.com/advisories/53372
- secalert@redhathttp://security.gentoo.org/glsa/glsa-201308-06.xml
- secalert@redhathttp://www.openwall.com/lists/oss-security/2012/12/02/3
- secalert@redhathttp://www.openwall.com/lists/oss-security/2012/12/02/4
- af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
- af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2012/Dec/6
- af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/53372
- af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201308-06.xml
- af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/12/02/3
- af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/12/02/4
Data Freshness Timeline
(refreshed 6× in last 7d / 27× in last 30d)
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
- 2026-07-06 02:19 UTCEPSS rescore
- 2026-07-06 02:19 UTCEPSS rescore
- 2026-07-04 06:27 UTCEPSS rescore
- 2026-07-01 15:02 UTCEPSS rescore
- 2026-06-30 23:19 UTCEPSS rescore
- 2026-06-30 23:19 UTCEPSS rescore
- 2026-06-28 14:03 UTCEPSS rescore
- 2026-06-28 04:53 UTCEPSS rescore
- 2026-06-28 04:53 UTCEPSS rescore
- 2026-06-27 03:05 UTCEPSS rescore
- 2026-06-25 13:46 UTCEPSS rescore
- 2026-06-24 14:02 UTCEPSS rescore
- 2026-06-24 14:02 UTCEPSS rescore
- 2026-06-23 21:30 UTCEPSS rescore
- 2026-06-21 01:57 UTCEPSS rescore
- 2026-06-21 01:56 UTCEPSS rescore
- 2026-06-18 17:49 UTCEPSS rescore
- 2026-06-18 17:49 UTCEPSS rescore
- 2026-06-17 17:49 UTCEPSS rescore
- 2026-06-17 17:49 UTCEPSS rescore
- 2026-06-16 17:49 UTCEPSS rescore
- 2026-06-16 17:49 UTCEPSS rescore
- 2026-06-15 17:44 UTCEPSS rescore
- 2026-06-13 22:57 UTCEPSS rescore
- 2026-06-12 23:08 UTCEPSS rescore
Show 26 moreShow fewer
- 2026-06-11 13:56 UTCEPSS rescore
- 2026-06-10 13:18 UTCEPSS rescore
- 2026-06-07 15:22 UTCEPSS rescore
- 2026-06-05 22:44 UTCEPSS rescore
- 2026-06-05 22:44 UTCEPSS rescore
- 2026-06-05 06:08 UTCEPSS rescore
- 2026-06-05 06:08 UTCEPSS rescore
- 2026-06-01 13:49 UTCEPSS rescore
- 2026-06-01 13:49 UTCEPSS rescore
- 2026-05-31 00:14 UTCEPSS rescore
- 2026-05-31 00:14 UTCEPSS rescore
- 2026-05-29 13:41 UTCEPSS rescore
- 2026-05-29 13:41 UTCEPSS rescore
- 2026-05-29 01:41 UTCEG score recompute
- 2026-05-29 01:41 UTCGHSA enrichment
- 2026-05-28 13:42 UTCEPSS rescore
- 2026-05-28 13:42 UTCEPSS rescore
- 2026-05-28 13:42 UTCEPSS rescore
- 2026-05-26 07:16 UTCEPSS rescore
- 2026-05-26 07:16 UTCEPSS rescore
- 2026-05-22 21:15 UTCEPSS rescore
- 2026-05-22 21:15 UTCEPSS rescore
- 2026-05-22 21:15 UTCEPSS rescore
- 2026-05-21 22:39 UTCEPSS rescore
- 2026-05-18 21:29 UTCEPSS rescore
- 2026-05-18 21:29 UTCEPSS rescore
Publicly available exploits
(6 references)Working exploit code is in the public domain (2 Metasploit modules) (1 GitHub PoC) (3 Exploit-DB entries). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
- Exploit-DBEDB-35777✓ verifiedFirst seen Jan 13, 2015
Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit)
Open source ↗ - GitHub PoCHood3dRob1n/MySQL-Fu.rbFirst seen Feb 9, 2013
MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline analysis later), also includes Ruby port of Kingcope's CVE-2012-5613 Linux MySQL Privilege Escalation Exploit.
Open source ↗ - Exploit-DBEDB-23179✓ verifiedFirst seen Dec 6, 2012
Oracle MySQL (Windows) - MOF Execution (Metasploit)
Open source ↗ - Exploit-DBEDB-23077✓ verifiedFirst seen Dec 2, 2012
MySQL (Linux) - Database Privilege Escalation
Open source ↗ - Metasploitexploit/windows/mysql/mysql_start_up✓ verifiedFirst seen Dec 1, 2012
Oracle MySQL for Microsoft Windows FILE Privilege Abuse
Open source ↗ - Metasploitexploit/windows/mysql/mysql_mof✓ verifiedFirst seen Dec 1, 2012
Oracle MySQL for Microsoft Windows MOF Execution
Open source ↗
Frequently asked(4)
What is CVE-2012-5613?
When was CVE-2012-5613 disclosed?
Is CVE-2012-5613 actively exploited?
How do I remediate CVE-2012-5613?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2012-5613
Is Your Infrastructure Affected by CVE-2012-5613?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.