cbcvebase.
CVE-2025-15467
published 2026-01-27

CVE-2025-15467: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact…

PriorityP274high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
47.62%
98.7th percentile
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.

Affected

24 ranges
VendorProductVersion rangeFixed in
debianopenssl< openssl 3.0.18-1~deb12u2 (bookworm)openssl 3.0.18-1~deb12u2 (bookworm)
github.comdunglas_frankenphp>= 0 < 1.1.111.1.11
opensslopenssl>= 0 < 3.0.19-r03.0.19-r0
opensslopenssl>= 0 < 3.3.6-r03.3.6-r0
opensslopenssl>= 0 < 3.3.6-r03.3.6-r0
opensslopenssl>= 0 < 3.5.5-r03.5.5-r0
opensslopenssl>= 0 < 3.5.5-r03.5.5-r0
opensslopenssl>= 0 < 3.0.18-1~deb12u23.0.18-1~deb12u2
opensslopenssl>= 0 < 3.5.4-1~deb13u23.5.4-1~deb13u2
opensslopenssl>= 0 < 3.5.5-13.5.5-1
opensslopenssl>= 0 < 3.0.2-0ubuntu1.213.0.2-0ubuntu1.21
opensslopenssl>= 0 < 3.0.13-0ubuntu3.73.0.13-0ubuntu3.7
opensslopenssl>= 0 < 3.5.3-1ubuntu33.5.3-1ubuntu3
opensslopenssl>= 0 < 1.0.1f-1ubuntu2.27+esm121.0.1f-1ubuntu2.27+esm12
opensslopenssl>= 0 < 1.0.2g-1ubuntu4.20+esm141.0.2g-1ubuntu4.20+esm14
opensslopenssl>= 0 < 1.1.1-1ubuntu2.1~18.04.23+esm71.1.1-1ubuntu2.1~18.04.23+esm7
opensslopenssl>= 0 < 1.1.1f-1ubuntu2.24+esm21.1.1f-1ubuntu2.24+esm2
opensslopenssl>= 0 < 3.0.2-0ubuntu1.21+Fips13.0.2-0ubuntu1.21+Fips1
opensslopenssl>= 3.0.0 < 3.0.193.0.19
opensslopenssl>= 3.1.0 < 3.3.63.3.6
opensslopenssl>= 3.3.0 < 3.3.63.3.6
opensslopenssl>= 3.4.0 < 3.4.43.4.4
opensslopenssl>= 3.5.0 < 3.5.53.5.5
opensslopenssl>= 3.6.0 < 3.6.13.6.1

Detection & IOCsextracted from sources · hover to see the quote

  • Detect CMS (Auth)EnvelopedData messages with oversized IV in ASN.1 parameters — the IV field should be 12 bytes for AES-GCM; any CMS message presenting a significantly larger IV value in the AEAD parameters block is a strong indicator of exploitation attempt.
  • Flag or block untrusted CMS/PKCS#7 messages using AEAD ciphers (e.g., AES-GCM) arriving via S/MIME (Auth)EnvelopedData channels, especially those where the IV length in the ASN.1 parameters exceeds the expected fixed size.
  • No valid key material is needed to trigger the overflow — treat any CMS AuthEnvelopedData/EnvelopedData parse crash or stack-smashing signal (e.g., __stack_chk_fail) in OpenSSL 3.0–3.6 processes as a potential exploitation indicator.
  • Monitor for exploitation of Kerberos PKINIT plugin paths, as this is a specific OpenSSL consumer identified as vulnerable to CVE-2025-15467 on Red Hat platforms.
  • Public exploits for CVE-2025-15467 have been reported as quickly developed online — prioritize detection of exploit tooling targeting OpenSSL CMS parsing in network and endpoint telemetry.
  • ·OpenSSL FIPS modules in versions 3.6, 3.5, 3.4, 3.3, and 3.0 are NOT affected because the CMS implementation is outside the FIPS module boundary — do not apply CMS-related detections to FIPS-only deployments.
  • ·OpenSSL 1.1.1 and 1.0.2 are NOT affected — detections and patching efforts should focus exclusively on OpenSSL 3.0 through 3.6.
  • ·On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which reduce RCE risk to DoS — adjust severity scoring accordingly for RHEL-based environments.
  • ·FrankenPHP Docker images based on Alpine/PHP/Go may carry vulnerable libcrypto3 if not rebuilt after upstream base image patches — pull latest tags to ensure updated base layers.

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
ghsa8.8HIGH
osv8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
vendor_ubuntu6.1MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.