Out of Bounds Write Vulnerability in FreeType Software by FreeType Project
CVE-2025-27363

CVSS 8.1 HIGH

Key Information:

Vendor: FreeType
Status: Vendor
CVE Published: 11 March 2025


What is CVE-2025-27363?

CVE-2025-27363 is an out-of-bounds write vulnerability identified in the FreeType software, specifically affecting versions 2.13.0 and earlier. FreeType is an open-source software library designed to render fonts, widely used in various applications and platforms for displaying text. This vulnerability arises when the library attempts to process font subglyph structures, particularly in TrueType GX and variable font files. If exploited, it could allow attackers to execute arbitrary code, posing significant risks to organizations that rely on FreeType for font rendering in their applications.

Technical Details

The vulnerability stems from improper handling of data types within the FreeType library. During the parsing of font subglyph structures, a signed short value is incorrectly assigned to an unsigned long variable, leading to incorrect calculations that result in heap buffer allocation being too small. As a consequence, the library may write data beyond the allocated buffer, potentially affecting adjacent memory areas. This kind of out-of-bounds write can lead to several severe outcomes, including the execution of arbitrary code by an attacker.
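The conversion pattern described above, as an added constructed illustration (this is not FreeType's code; the function names, the entry size and the header constant are assumed): a signed 16-bit count is widened to an unsigned long, a fixed size is added, and a negative count wraps the sum to a value far too small for the data later written into the buffer, alongside the range check that rejects it.

```c
#include <stdio.h>
#include <stdbool.h>
#include <limits.h>

/* Constructed illustration of the bug class, not FreeType's code.
 * ENTRY_SIZE and the header size passed by the caller are assumed values. */
#define ENTRY_SIZE 8UL   /* bytes written per table entry (assumed) */

/* Buggy pattern: a signed short count from the font is assigned to an
 * unsigned long and a fixed header size is added. A negative count
 * converts to a value near ULONG_MAX, the arithmetic wraps, and the
 * result is a buffer much smaller than the entries later written into it. */
unsigned long buggy_alloc_size(short count, unsigned long header_bytes)
{
    unsigned long n = count;               /* -1 becomes ULONG_MAX */
    return header_bytes + n * ENTRY_SIZE;  /* wraps modulo ULONG_MAX + 1 */
}

/* Hardened pattern: reject negative counts before any widening conversion
 * and check the multiply/add for overflow explicitly. Returns false when
 * the size cannot be represented, so the caller treats the font as
 * malformed instead of allocating an undersized buffer. */
bool safe_alloc_size(short count, unsigned long header_bytes,
                     unsigned long *out)
{
    if (count < 0)
        return false;                       /* sign bit set: malformed data */
    unsigned long n = (unsigned long)count;
    if (n > (ULONG_MAX - header_bytes) / ENTRY_SIZE)
        return false;                       /* header + n*ENTRY_SIZE overflows */
    *out = header_bytes + n * ENTRY_SIZE;
    return true;
}

int main(void)
{
    unsigned long sz;
    /* With count -1 and a 32-byte header the buggy size wraps to 24 bytes. */
    printf("buggy(-1, 32) = %lu bytes\n", buggy_alloc_size(-1, 32));
    printf("safe(-1, 32)  = %s\n", safe_alloc_size(-1, 32, &sz) ? "ok" : "rejected");
    if (safe_alloc_size(4, 32, &sz))
        printf("safe(4, 32)   = %lu bytes\n", sz);
    return 0;
}
```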

Potential impact of CVE-2025-27363

  1. Arbitrary Code Execution: Exploiting this vulnerability allows attackers to run malicious code on the affected system, which can result in complete system compromise.

  2. Data Breaches: Once an attacker gains control through arbitrary code execution, they may access sensitive data, leading to potential data leaks or theft.

  3. System Instability: The exploitation may cause crashes or other erratic behaviors in applications relying on FreeType, potentially resulting in denial of service scenarios and impacting overall system reliability.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified this one as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace, as recent news articles suggest the vulnerability is being used by ransomware groups.

CISA's recommendation is: apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

FreeType, versions 0.0.0 through 2.13.0 (inclusive)

News Articles

Critical Android ‘No Interaction’ Attacks Confirmed By Google

No user interaction Android hack attacks underway — take action now.


Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) - Help Net Security

Google released fixes for many Android vulnerabilities, including a FreeType flaw (CVE-2025-27363) "under limited, targeted exploitation."


May 2025 Android Security Bulletin Fixes 46 Vulnerabilities

Google's May 2025 Android Security Bulletin patches 46 flaws, including CVE-2025-27363—a high-risk vulnerability already exploited in targeted attacks.


EPSS Score

71% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • CISA Reported
  • Used in Ransomware
  • Vulnerability started trending
  • Exploit known to exist
  • First article discovered by SecurityWeek
  • Vulnerability published
  • Vulnerability reserved
