Buffer Overflow Vulnerability in Bento4 Product by Axiomatic Systems
CVE-2025-25943

7.8HIGH

Key Information:

Vendor: Axiomatic Systems
Status: Bento4
Vendor: CVE Published:; 19 February 2025

🔔 Create Axiomatic Systems Vulnerability Alert

What is CVE-2025-25943?

The vulnerability identified in Bento4 version 1.6.0-641 is a buffer overflow issue that allows a local attacker to exploit the AP4_Stz2Atom component within the software. This flaw enables the execution of arbitrary code, posing a significant security risk to affected systems. It is crucial for users of Bento4 to apply necessary updates and patches to mitigate potential threats related to this vulnerability.

References

https://github.com/axiomatic-systems/Bento4/issues/993

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 19, 2025
Vulnerability Reserved
Feb 7, 2025