Cyber Posture

CVE-2025-62507

Severity: High
Published: 04 November 2025
Modified: 08 December 2025
KEV Added: (no date listed)
Patch: available (Redis 8.2.3)
CVSS Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0011 (28.3rd percentile)
Risk Priority: 18 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Description

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can execute the XACKDEL command with multiple IDs and trigger a stack buffer overflow, which may lead to remote code execution. The issue is fixed in version 8.2.3. A workaround without patching is to use ACL rules to restrict execution of the XACKDEL command.

Security Summary

CVE-2025-62507 is a stack buffer overflow vulnerability in Redis, an open source in-memory database that persists on disk. It affects the 8.2 line from 8.2.0 up to, but not including, 8.2.3: XACKDEL, a stream command new in 8.2, mishandles a call that carries multiple IDs and overflows a stack buffer, which may lead to remote code execution inside the redis-server process. The weakness is classified as CWE-20 (Improper Input Validation), CWE-121 (Stack-based Buffer Overflow) and CWE-787 (Out-of-bounds Write), and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Exploitation requires a client that is permitted to run XACKDEL (PR:L), reachable over the network (AV:N), with low attack complexity and no user interaction. In Redis terms that privilege is an ACL permission, not an operating-system one: on an instance whose default user still has nopass and +@all, any client that can reach the port meets the bar. A single crafted XACKDEL carrying multiple IDs triggers the overflow, and any resulting code execution runs with the privileges of the redis-server process, which is why confidentiality, integrity and availability are all rated high.

The vulnerability is fixed in Redis 8.2.3, as described in the release notes and the GitHub security advisory GHSA-jhjx-x4cf-4vm8; the fixing commit is https://github.com/redis/redis/commit/5f83972188f6e5b1d6f1940218c650a9cbdf7741. Where patching has to wait, the workaround is to deny XACKDEL through Redis ACL rules for every user that can reach the instance, the default user included. Redis applies ACL rules left to right, so the deny has to come after any grant of +@all or of a category that contains the command, or it has no effect.
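One way to operationalise the version check and the ACL workaround across a fleet, as an added example that is not part of this advisory or the Redis project: the script takes the text of `redis-cli INFO server` and `redis-cli ACL LIST`, decides whether the instance is in the affected range, and lists every enabled user whose rules still permit XACKDEL. It follows Redis ACL semantics where rules apply left to right (`+@all -xackdel` blocks the command, `-xackdel +@all` does not) and where a selector in parentheses grants commands on top of the root rules. The category membership of XACKDEL (@write, @stream, @fast) and the sample INFO and ACL LIST data are assumptions constructed for the example.

```python
"""Fleet audit for CVE-2025-62507: affected Redis version plus ACL exposure of XACKDEL.

Added example, not code from the Redis project or this advisory. Feed it the text
of `redis-cli INFO server` and `redis-cli ACL LIST`; the sample data below is
constructed for the example and not captured from a real host.
"""
import re

FIRST_AFFECTED = (8, 2, 0)   # XACKDEL was introduced in 8.2.0
FIXED = (8, 2, 3)            # first release with the fix, per the advisory

# Assumption (not stated on this page): XACKDEL carries the ACL categories
# @write, @stream and @fast, like XACK and XDEL. Granting any of them, or @all,
# re-enables the command unless a later rule removes it again.
XACKDEL_GRANTS = {"xackdel", "@all", "@write", "@stream", "@fast"}


def parse_version(info_server: str) -> tuple:
    """Read redis_version out of `INFO server` text as an (x, y, z) tuple."""
    m = re.search(r"^redis_version:(\d+)\.(\d+)\.(\d+)", info_server, re.M)
    if not m:
        raise ValueError("redis_version not found in INFO output")
    return tuple(int(g) for g in m.groups())


def version_affected(version: tuple) -> bool:
    """True for 8.2.0 <= version < 8.2.3."""
    return FIRST_AFFECTED <= tuple(version) < FIXED


def _rules_allow_xackdel(rules) -> bool:
    """Apply +/- command rules left to right, starting from 'no commands';
    the last rule that mentions XACKDEL or one of its categories wins."""
    allowed = False
    for tok in rules:
        if tok == "allcommands":
            allowed = True
        elif tok == "nocommands":
            allowed = False
        elif tok.startswith(("+", "-")):
            # '+cmd|subcmd' and '+cmd|first-arg' forms: the name is before '|'
            name = tok[1:].split("|", 1)[0].lower()
            if name in XACKDEL_GRANTS:
                allowed = tok[0] == "+"
    return allowed


def parse_acl_line(acl_line: str) -> dict:
    """Evaluate one `ACL LIST` line for XACKDEL exposure."""
    # Selectors are printed as '(...)' and may contain spaces: keep them whole.
    tokens = re.findall(r"\([^)]*\)|\S+", acl_line)
    if len(tokens) < 2 or tokens[0] != "user":
        raise ValueError(f"not an ACL LIST line: {acl_line!r}")
    name, flags = tokens[1], tokens[2:]
    root_rules = [t for t in flags if not t.startswith("(")]
    selectors = [t[1:-1].split() for t in flags if t.startswith("(")]
    enabled = "off" not in root_rules          # ACL LIST prints on or off
    via_root = _rules_allow_xackdel(root_rules)
    via_selector = any(_rules_allow_xackdel(s) for s in selectors)
    return {
        "user": name,
        "enabled": enabled,
        "nopass": "nopass" in root_rules,
        "can_run_xackdel": enabled and (via_root or via_selector),
        "via_selector": enabled and via_selector,
    }


def audit(info_server: str, acl_list: str) -> dict:
    """Combine the version check with the per-user ACL evaluation."""
    version = parse_version(info_server)
    affected = version_affected(version)
    users = [parse_acl_line(l) for l in acl_list.splitlines() if l.strip()]
    exposed = [u for u in users if u["can_run_xackdel"]]
    return {
        "version": ".".join(map(str, version)),
        "affected": affected,
        "exposed_users": [u["user"] for u in exposed],
        # nopass + XACKDEL means the bug is reachable without any credential
        "unauthenticated_exposure": [u["user"] for u in exposed if u["nopass"]],
        # '-xackdel' on the root rules does not touch selectors; edit those too
        "selector_users": [u["user"] for u in exposed if u["via_selector"]],
        "remediation": [f"ACL SETUSER {u['user']} -xackdel" for u in exposed] if affected else [],
    }


# Constructed sample data; the password hashes are dummies.
_H = "#" + "0" * 64
SAMPLE_INFO = "# Server\nredis_version:8.2.1\nredis_mode:standalone\n"
SAMPLE_ACL_LIST = "\n".join([
    "user default on nopass sanitize-payload ~* &* +@all",   # exposed, no password
    f"user app on {_H} ~app:* &* +@all -xackdel",            # workaround applied
    f"user worker on {_H} ~jobs:* &* -@all +@stream",        # exposed via @stream
    f"user reporting on {_H} ~* &* -@all +@read",            # safe
    f"user legacy off {_H} ~* &* +@all",                     # disabled account
    f"user mixed on {_H} ~* &* -@all +get (~q:* +@all)",     # exposed via selector
])

if __name__ == "__main__":
    import json
    print(json.dumps(audit(SAMPLE_INFO, SAMPLE_ACL_LIST), indent=2))
```

Against a live instance, save the two command outputs to files and pass their contents to `audit`. After applying the emitted `ACL SETUSER ... -xackdel` rules, persist them with `ACL SAVE` when users live in an aclfile or `CONFIG REWRITE` when they are defined in redis.conf; a default user that shows up under `unauthenticated_exposure` needs a password or `off` regardless of this CVE.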

Details

CWE(s)
CWE-20, CWE-121, CWE-787

Affected Products

Vendor: redis
Product: redis
Versions: 8.2.0 up to, but not including, 8.2.3 (fixed in 8.2.3)

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1210 Exploitation of Remote Services (tactic: Lateral Movement)
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

The overflow lets a remote client holding only an ordinary Redis ACL permission obtain code execution as the operating-system account that runs redis-server, an elevation well beyond what that Redis user was granted (T1068). Because Redis is normally an internal service rather than an internet-facing one, the realistic path is an attacker already on the network exploiting it to move laterally (T1210).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
