CVE-2025-66215 — Stack-based Buffer Overflow in Opensc

CWE-121 — Stack-based Buffer Overflow CWE-120 — Classic Buffer Overflow7 documents7 sources

Severity

6.8MEDIUMNVD

CNA3.8

EPSS

0.0%

top 95.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opensc Opensc Project Opensc

Timeline

PublishedMar 30

Description

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5opensc/opensc< 0.27.0

▶NVDopensc_project/opensc< 0.27.0

▶Debianopensc_project/opensc< 0.27.0~rc1-1

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

OpenSC: Stack-buffer-overflow WRITE in card-oberthur↗2026-03-30

▶

OSV

CVE-2025-66215: OpenSC is an open source smart card tools and middleware↗2026-03-30

▶

📋Vendor Advisories

Red Hat

OpenSC: OpenSC: Stack-buffer-overflow with physical access via crafted smart card or USB device↗2026-03-30

▶

Debian

CVE-2025-66215: opensc - OpenSC is an open source smart card tools and middleware. Prior to version 0.27....↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-66215 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

💬Community

Bugzilla

CVE-2025-66215 opensc: OpenSC: Stack-buffer-overflow with physical access via crafted smart card or USB device [fedora-all]↗2026-03-30

▶