Fault injection attacks pose significant threats to cryptographic systems, including SM9, which is based on bilinear pairings. Despite the widespread use of SM9, research on its vulnerability to such attacks remains limited. This letter introduces an innovative fault injection strategy targeting the SM9 signature process. By introducing a single-bit fault into the X-coordinate of the private key and analyzing the resulting changes, we construct an attack model using differential analysis. Based on this model, we derive a quadratic equation and solve it in a finite field, successfully extracting the private key information. Experimental results validate the feasibility of this approach, revealing a critical vulnerability in SM9's design. Our findings offer valuable insights into enhancing the security of SM9 and provide a foundation for developing effective defense strategies.