Cyber Resilience

CVE-2023-25076

Critical · Public PoC

Published: 30 March 2023

Modified: 21 November 2024
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.2967 (96.7th percentile)
Risk Priority: 37 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-25076 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Sniproxy Project Sniproxy. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 3.3% of CVEs by exploit likelihood (EPSS), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

A buffer overflow vulnerability exists in SNIProxy 0.6.0-2 and the master branch at commit 822bb80df9b7b345cc9eba55df74a07b498819ba. The flaw occurs during handling of wildcard backend hosts and is triggered by specially crafted HTTP or TLS packets, enabling arbitrary code execution. It is tracked under CWE-120 and carries a CVSS 3.1 score of 9.8.

An unauthenticated attacker with network access can send a malicious packet to an affected SNIProxy instance and achieve arbitrary code execution with no user interaction required. The attack is low complexity and has high confidentiality, integrity, and availability impact on the target system.

Debian security advisory DSA-5413 and the corresponding LTS announcement recommend upgrading to patched versions of the package. Fixed code is available in the referenced GitHub commits that address the buffer handling logic for wildcard backends.

The EPSS score rose from a low baseline to a peak of 0.3552 after public disclosure, indicating measurable post-release exploitation interest that warrants renewed attention.

EU & UK References

Vulnerability details

A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP or TLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: sniproxy project
Product: sniproxy
Versions: 0.6.0-2, 0.6.1

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-120

Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.

References