{"id":7225,"date":"2026-04-06T14:28:07","date_gmt":"2026-04-06T19:28:07","guid":{"rendered":"https:\/\/andreas-wolter.com\/?p=7225"},"modified":"2026-04-06T17:29:42","modified_gmt":"2026-04-06T22:29:42","slug":"2604_sqlserver_privilegeescalation_databasemanager","status":"publish","type":"post","link":"https:\/\/andreas-wolter.com\/en\/2604_sqlserver_privilegeescalation_databasemanager\/","title":{"rendered":"SQL Server Privilege Escalation via DatabaseManager-role: Newly discovered Attack Paths Explained"},"content":{"rendered":"\n<div  class='av-special-heading av-m0cxh8ps-c09da2b06be865d81607504f667c23aa av-special-heading-h3 blockquote modern-quote  avia-builder-el-0  el_before_av_textblock  avia-builder-el-first '><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >SQL Server Privilege Escalation via DatabaseManager-role: Newly discovered Attack Paths Explained<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div>\r\n\r\n<section  class='av_textblock_section av-m0cxgkjy-c935304b4106b45214698f40e83a9894 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>First of all: full credit to Emad Al-Mousa for identifying and publishing two privilege escalation paths.<\/p>\n<p>His findings show how <strong>members of the ##MS_DatabaseManager## server role in SQL Server can escalate to sysadmin<\/strong> by chaining existing functionality in unexpected 
ways.<\/p>\n<p>He has published his findings responsibly after more than 8 months\u2019 notice to MSRC: <a href=\"https:\/\/databasesecurityninja.wordpress.com\/2026\/04\/02\/microsoft-sql-server-privilege-elevation-through-ms_databasemanager-role-cve-2025-24999\/\" target=\"_blank\" rel=\"noopener\">Microsoft SQL Server Privilege Elevation Through ##MS_DatabaseManager## Role [CVE-2025-24999]<\/a><\/p>\n<h2>Elevation attack details<\/h2>\n<p>The first elevation attack abused the <em>sp_syspolicy_purge_history<\/em> stored procedure and was fixed recently (Security update for SQL Server 2022 CU23+GDR and Security update for SQL Server 2025 CU2+GDR).<\/p>\n<p>Emad then identified a second method that allows escalation to sysadmin via a different path:<\/p>\n<p><strong>Simplified flow:<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7226\" src=\"https:\/\/andreas-wolter.com\/wp-content\/uploads\/2026\/04\/202603_SQLServer_PrivilegeEscalation_Path_DatabaseManager_sysadmin.jpg\" alt=\"\" width=\"1000\" height=\"548\" srcset=\"https:\/\/andreas-wolter.com\/wp-content\/uploads\/2026\/04\/202603_SQLServer_PrivilegeEscalation_Path_DatabaseManager_sysadmin.jpg 1000w, https:\/\/andreas-wolter.com\/wp-content\/uploads\/2026\/04\/202603_SQLServer_PrivilegeEscalation_Path_DatabaseManager_sysadmin-300x164.jpg 300w, https:\/\/andreas-wolter.com\/wp-content\/uploads\/2026\/04\/202603_SQLServer_PrivilegeEscalation_Path_DatabaseManager_sysadmin-768x421.jpg 768w, https:\/\/andreas-wolter.com\/wp-content\/uploads\/2026\/04\/202603_SQLServer_PrivilegeEscalation_Path_DatabaseManager_sysadmin-705x386.jpg 705w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/p>\n<p>At a high level, the attack paths rely on:<\/p>\n<ul>\n<li>Database lifecycle operations (create \/ drop \/ modify)<\/li>\n<li>Indirect execution through system components<\/li>\n<li>Execution paths that eventually run under elevated privileges<\/li>\n<\/ul>\n<p>This is 
a perfect example of how <strong>legitimate capabilities can be chained into a privilege escalation path<\/strong>.<\/p>\n<p>It also highlights recurring risk areas:<\/p>\n<ul>\n<li>Indirect execution paths<\/li>\n<li>Overly broad permissions<\/li>\n<li>Assumptions about \u201csafe\u201d capabilities<\/li>\n<\/ul>\n<h3>Key insight<\/h3>\n<p>Emad also points out an important observation:<\/p>\n<p>\u201cYou don\u2019t necessarily need the server-level role ##MS_DatabaseManager## &#8211; ALTER ANY DATABASE is sufficient.\u201d<\/p>\n<p>I will come back to this in a follow-up article.<\/p>\n<h2>Current state<\/h2>\n<p>Microsoft decided not to fix the second path and instead updated the documentation (July 2025, after MSRC notification).<\/p>\n<p>(<a href=\"https:\/\/learn.microsoft.com\/en-us\/sql\/relational-databases\/security\/authentication-access\/server-level-roles?view=sql-server-ver17#fixed-server-level-roles-introduced-in-sql-server-2022\" target=\"_blank\" rel=\"noopener\">Fixed server-level roles introduced in SQL Server 2022<\/a> )<\/p>\n<p>Given the relatively silent nature of that change, when I mentioned this recently on LinkedIn, I received comments and private messages, all telling the same story:<\/p>\n<p>no one was aware of this (including myself until recently).<\/p>\n<p>Also notable:<\/p>\n<p>No common baseline I am aware of flags this:<\/p>\n<ul>\n<li>DISA STIG<\/li>\n<li>CIS Benchmarks<\/li>\n<li>Microsoft Defender for SQL (VA)<\/li>\n<\/ul>\n<h2>Practical implications and my recommendations<\/h2>\n<p>If this is not going to be addressed in the product, it needs to be considered part of the threat model.<\/p>\n<p><strong>1) Review permissions<\/strong><\/p>\n<p>Identify accounts with:<\/p>\n<ul>\n<li>ALTER ANY DATABASE<\/li>\n<li>Membership in ##MS_DatabaseManager##<\/li>\n<\/ul>\n<p><strong>2) Ensure Server Auditing<\/strong><br \/>\nIf you are following solid auditing practices, you should already have visibility here.<\/p>\n<p>If not, this is the 
time to implement it.<\/p>\n<p>(see: <a href=\"https:\/\/andreas-wolter.com\/en\/202507_recommended_security_auditing_databases_sql_server\/\">Recommendation for Security Auditing for databases \u2013 with example for Microsoft SQL Server<\/a> )<\/p>\n<p>Focus on:<\/p>\n<ul>\n<li>Changes to role membership<\/li>\n<li>Attempts to alter login privileges (takeover scenarios)<\/li>\n<\/ul>\n<p>Also described in detail here by Emad: <a href=\"https:\/\/databasesecurityninja.wordpress.com\/2025\/12\/24\/sql-server-2025-privilege-elevation-from-alter-any-login-permission-to-sysadmin-role-vulnerability\/\" target=\"_blank\" rel=\"noopener\">https:\/\/databasesecurityninja.wordpress.com\/2025\/12\/24\/sql-server-2025-privilege-elevation-from-alter-any-login-permission-to-sysadmin-role-vulnerability\/<\/a><\/p>\n<p><strong>3) Add Database Auditing on system Databases<\/strong><\/p>\n<ul>\n<li>Monitor changes to system objects in msdb and master.<\/li>\n<\/ul>\n<p>These are key points in the demonstrated attack paths.<br \/>\n(More on that in a follow-up article.)<\/p>\n<h2>A note on assessments<\/h2>\n<p>Does this get detected in real-world security assessments?<\/p>\n<p>Yes &#8211; in our case, this is covered in the <a href=\"https:\/\/sarpedonqualitylab.us\/services\/#securityassessment\" target=\"_blank\" rel=\"noopener\"><strong>Sarpedon Quality Lab Security Assessment<\/strong><\/a> (Standard and Premium tiers), even though this exact escalation path was not explicitly modeled yet.<\/p>\n<h2>Going deeper<\/h2>\n<p>If you\u2019re interested in how these kinds of privilege escalation paths emerge in real-world environments &#8211; and <strong>how to systematically detect and prevent them<\/strong> <strong>&#8211; I\u2019ll be covering SQL Server Security in depth in my full-day pre-conference session<\/strong>: \u201c<a href=\"https:\/\/passdatacommunitysummit.com\/about\/news\/pre-con-sessions-speaker-annoucement-for-pass-summit-east-and-europe\/\" target=\"_blank\" 
rel=\"noopener\">SQL Server Security vs. Security Theater: Build a Defensible Data Estate\u201d at the PASS Data Community Summit<\/a> (Chicago), May 7.<\/p>\n<h2>Closing<\/h2>\n<p>Again, full credit to Emad for surfacing these paths.<\/p>\n<p>This is a good reminder that security issues are often not about missing features, but about how existing features interact.<\/p>\n<p>Andreas<\/p>\n<\/div><\/section>","protected":false},"excerpt":{"rendered":"","protected":false},"author":4,"featured_media":7226,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[57],"tags":[206,258],"class_list":["post-7225","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-en","tag-sql-security","tag-sysadmin-en"],"_links":{"self":[{"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/posts\/7225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/comments?post=7225"}],"version-history":[{"count":3,"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/posts\/7225\/revisions"}],"predecessor-version":[{"id":7235,"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/posts\/7225\/revisions\/7235"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/media\/7226"}],"wp:attachment":[{"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/media?parent=7225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/categories?post=7225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/andreas-wolter.com\/en\/wp-json\/wp\/v2\/tags?post=7225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}