CVE-2025-27363
Published: 11 March 2025
Description
Adversaries may exploit software vulnerabilities in client applications to execute code.
Security Summary
CVE-2025-27363 is an out-of-bounds write vulnerability (CWE-787) affecting FreeType versions 2.13.0 and earlier. The flaw occurs during parsing of font subglyph structures in TrueType GX and variable font files, where a signed short value is assigned to an unsigned long, followed by addition of a static value that causes integer wrap-around. This results in allocation of an undersized heap buffer, after which up to six signed long integers are written out of bounds relative to the buffer.
Unauthenticated remote attackers can exploit the vulnerability over the network (AV:N), though it requires high attack complexity (AC:H) and no user interaction (UI:N) or privileges (PR:N). Successful exploitation can lead to arbitrary code execution, with high impacts on confidentiality, integrity, and availability (CVSS:3.1 base score of 8.1; C:H/I:H/A:H, S:U).
Mitigation requires upgrading to newer versions of FreeType, which are not vulnerable. Relevant advisories and discussions are available at https://www.facebook.com/security/advisories/cve-2025-27363 and oss-security mailing list threads including http://www.openwall.com/lists/oss-security/2025/03/13/1, http://www.openwall.com/lists/oss-security/2025/03/13/11, http://www.openwall.com/lists/oss-security/2025/03/13/12, and http://www.openwall.com/lists/oss-security/2025/03/13/2.
This vulnerability may have been exploited in the wild.
Details
- CWE(s)
- KEV Date Added
- 06 May 2025
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CVE describes an out-of-bounds write vulnerability in FreeType font parsing leading to arbitrary code execution, which directly enables Exploitation for Client Execution (T1203) via malicious font files.