CVE-2025-54493 (GCVE-0-2025-54493)
Vulnerability from cvelistv5
Published
2025-08-25 13:53
Modified
2025-08-25 18:22
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9184 of biosig.c on the current master branch (35a819fa), when the Tag is 131: else if (tag==131) //0x83 { // Patient Age if (len!=7) fprintf(stderr,"Warning MFER tag131 incorrect length %i!=7\n",len); curPos += ifread(buf,1,len,hdr);
References
talos-cna@cisco.comhttps://talosintelligence.com/vulnerability_reports/TALOS-2025-2234Exploit, Third Party Advisory
Impacted products
Vendor Product Version
The Biosig Project libbiosig Version: 3.9.0
Version: Master Branch (35a819fa)
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-54493",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-25T18:21:39.374220Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-25T18:22:08.119Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libbiosig",
          "vendor": "The Biosig Project",
          "versions": [
            {
              "status": "affected",
              "version": "3.9.0"
            },
            {
              "status": "affected",
              "version": "Master Branch (35a819fa)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Mark Bereza and Lilith \u0026gt;_\u0026gt; of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9184 of biosig.c on the current master branch (35a819fa), when the Tag is 131:\r\n\r\n                else if (tag==131)    //0x83\r\n                {\r\n                    // Patient Age\r\n                    if (len!=7) fprintf(stderr,\"Warning MFER tag131 incorrect length %i!=7\\n\",len);\r\n                    curPos += ifread(buf,1,len,hdr);"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-25T13:53:46.822Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2025-54493",
    "datePublished": "2025-08-25T13:53:46.822Z",
    "dateReserved": "2025-07-23T14:45:55.836Z",
    "dateUpdated": "2025-08-25T18:22:08.119Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-54493\",\"sourceIdentifier\":\"talos-cna@cisco.com\",\"published\":\"2025-08-25T14:15:36.037\",\"lastModified\":\"2025-09-02T16:42:46.180\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9184 of biosig.c on the current master branch (35a819fa), when the Tag is 131:\\r\\n\\r\\n                else if (tag==131)    //0x83\\r\\n                {\\r\\n                    // Patient Age\\r\\n                    if (len!=7) fprintf(stderr,\\\"Warning MFER tag131 incorrect length %i!=7\\\\n\\\",len);\\r\\n                    curPos += ifread(buf,1,len,hdr);\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de desbordamiento de b\u00fafer en la funci\u00f3n de an\u00e1lisis MFER de The Biosig Project libbiosig 3.9.0 y Master Branch (35a819fa). Un archivo MFER especialmente manipulado puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede proporcionar un archivo malicioso para activar esta vulnerabilidad. Esta vulnerabilidad se manifiesta en la l\u00ednea 9184 de biosig.c en la rama maestra actual (35a819fa), cuando la etiqueta es 131: else if (tag==131) //0x83 { // Edad del paciente if (len!=7) fprintf(stderr,\\\"Warning MFER tag131 incorrect length %i!=7\\\\n\\\",len); curPos += ifread(buf,1,len,hdr);\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"talos-cna@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"talos-cna@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libbiosig_project:libbiosig:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.9.1\",\"matchCriteriaId\":\"4893D615-FD95-4393-A5B0-E1BE19F180A6\"}]}]}],\"references\":[{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54493\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-25T18:21:39.374220Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-25T18:21:44.318Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Discovered by Mark Bereza and Lilith \u0026gt;_\u0026gt; of Cisco Talos.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"The Biosig Project\", \"product\": \"libbiosig\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.9.0\"}, {\"status\": \"affected\", \"version\": \"Master Branch (35a819fa)\"}]}], \"references\": [{\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234\", \"name\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2025-2234\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9184 of biosig.c on the current master branch (35a819fa), when the Tag is 131:\\r\\n\\r\\n                else if (tag==131)    //0x83\\r\\n                {\\r\\n                    // Patient Age\\r\\n                    if (len!=7) fprintf(stderr,\\\"Warning MFER tag131 incorrect length %i!=7\\\\n\\\",len);\\r\\n                    curPos += ifread(buf,1,len,hdr);\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-121\", \"description\": \"CWE-121: Stack-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"shortName\": \"talos\", \"dateUpdated\": \"2025-08-25T13:53:46.822Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-54493\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-25T18:22:08.119Z\", \"dateReserved\": \"2025-07-23T14:45:55.836Z\", \"assignerOrgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"datePublished\": \"2025-08-25T13:53:46.822Z\", \"assignerShortName\": \"talos\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.