CVE-2025-27836
Published: 25 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-27836 is a buffer overflow vulnerability (CWE-120) affecting Artifex Ghostscript versions before 10.05.0. The flaw occurs in the BJ10V device implementation, specifically a Print buffer overflow in the source file contrib/japanese/gdev10v.c. Published on 2025-03-25, it carries a CVSS v3.1 base score of 9.8, indicating critical severity due to its network accessibility and potential for severe impacts.
Remote, unauthenticated attackers can exploit this vulnerability over the network (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) or user interaction (UI:N), and without changing scope (S:U). Successful exploitation enables high impacts on confidentiality (C:H), integrity (I:H), and availability (A:H), potentially allowing arbitrary code execution or system compromise via malicious PostScript input processed by the affected Ghostscript instance.
Advisories reference mitigation through upgrading to Ghostscript 10.05.0 or later, where the issue is addressed. Key resources include the Ghostscript bug tracker entry at https://bugs.ghostscript.com/show_bug.cgi?id=708192 and the Debian LTS announcement at https://lists.debian.org/debian-lts-announce/2025/04/msg00014.html.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The remote network-accessible buffer overflow in Ghostscript enables arbitrary code execution via malicious PostScript input with no authentication or user interaction, directly mapping to exploitation of a public-facing application.