Heap Overflow Vulnerability in OpenH264 Codec Library
CVE-2025-27091
What is CVE-2025-27091?
CVE-2025-27091 is a vulnerability identified in the OpenH264 codec library, developed by Cisco, which is widely used for H.264 video encoding and decoding. This specific vulnerability involves a heap overflow caused by a race condition in the library’s decoding functions. An unauthenticated remote attacker could exploit this flaw by crafting a malicious video bitstream, which, when processed by a victim’s application, might lead to unexpected crashes or potentially allow the attacker to execute arbitrary commands on the victim’s system. Organizations utilizing versions 2.5.0 and earlier of the OpenH264 codec are particularly at risk and should upgrade to version 2.6.0 or later to mitigate this vulnerability.
Technical Details
The vulnerability arises from a race condition between the memory allocation for a Sequence Parameter Set (SPS) and subsequent usage of a non-Instantaneous Decoder Refresh (non-IDR) Network Abstraction Layer (NAL) unit. When a crafted video containing the malicious bitstream is decoded, it could lead to a heap overflow. This overflow could allow attackers to corrupt memory, thereby potentially executing code in the context of the affected application. Notably, both Scalable Video Coding (SVC) and Advanced Video Coding (AVC) modes are affected by this vulnerability, which means a wide range of applications leveraging OpenH264 for video processing could be impacted.
Potential Impact of CVE-2025-27091
- Remote Code Execution: If exploited, attackers could execute arbitrary commands on the victim’s host system, leading to complete control over the system and potential data breaches.
- System Crashes: The vulnerability could cause applications using the OpenH264 library to crash unexpectedly, disrupting services and impacting user experience.
- Increased Attack Surface: As the OpenH264 codec is implemented in various video processing applications, the existence of this vulnerability increases the potential attack surface for threat actors, making organizations that utilize affected versions of the codec more vulnerable to cyberattacks.
Affected Version(s)
openh264 < 2.6.0
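
To locate affected copies, the following added example (not part of the original advisory or of the OpenH264 project) walks a directory tree and classifies OpenH264 library files against the 2.6.0 fix version. The filename layouts it recognises are assumptions, and a file whose name carries no full version is reported as unknown rather than guessed.

```python
import re
import sys
from pathlib import Path

FIXED = (2, 6, 0)  # first fixed release, per the advisory text above

# Assumed filename layouts (not stated on this page): prebuilt binaries such as
# libopenh264-2.5.0-linux64.7.so / openh264-2.5.0-win64.dll, and distro-style
# names such as libopenh264.so.2.5.0 / libopenh264.2.5.0.dylib.
PATTERNS = [
    re.compile(r"openh264-(\d+)\.(\d+)\.(\d+)-", re.I),
    re.compile(r"libopenh264\.so\.(\d+)\.(\d+)\.(\d+)$", re.I),
    re.compile(r"libopenh264\.(\d+)\.(\d+)\.(\d+)\.dylib$", re.I),
]

def parse_version(filename):
    """Return (major, minor, patch), or None if the name has no full version."""
    for pat in PATTERNS:
        m = pat.search(filename)
        if m:
            return tuple(int(part) for part in m.groups())
    return None

def classify(filename):
    """Return 'affected', 'fixed', 'unknown', or None for unrelated files."""
    if "openh264" not in filename.lower():
        return None
    version = parse_version(filename)
    if version is None:
        return "unknown"  # e.g. a bare soname link; check the package version
    # Tuple comparison is numeric, so 2.10.1 sorts after 2.6.0.
    return "affected" if version < FIXED else "fixed"

def scan(root):
    """Walk root; return sorted (path, status) pairs for OpenH264 library files."""
    hits = []
    for path in Path(root).rglob("*"):
        if path.is_file() or path.is_symlink():
            status = classify(path.name)
            if status:
                hits.append((str(path), status))
    return sorted(hits)

if __name__ == "__main__":
    for found, status in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{status:8} {found}")
```

A filename scan does not see copies that are statically linked or renamed inside an application bundle; those need the vendor's release notes or package metadata.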