CVE-2025-0343
Published: 15 January 2025
Summary
CVE-2025-0343 is a high-severity Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 43.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-11 (Error Handling) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Flaw remediation directly mitigates CVE-2025-0343 by applying patches to the Swift ASN.1 library to fix the precondition failure during BER/DER parsing.
Error handling ensures the ASN.1 parser processes malformed BER/DER inputs gracefully without crashing, preventing the DoS condition.
Information input validation checks BER/DER data from untrusted sources like TLS certificates before parsing to block malformed constructions.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Malformed BER/DER input (e.g., TLS certificates) directly triggers a graceful crash in the ASN.1 parser, enabling remote DoS via application exploitation with no privileges or user interaction required.
NVD Description
Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and…
more
will trigger a preconditionFailure if that constraint isn't met. Importantly, these constraints are actually required to be true in DER, but that correctness wasn't enforced on the early node parser side so it was incorrect to rely on it later on in decoding, which is what the library did. These crashes can be triggered when parsing any DER/BER format object. There is no memory-safety issue here: the crash is a graceful one from the Swift runtime. The impact of this is that it can be used as a denial-of-service vector when parsing BER/DER data from unknown sources, e.g. when parsing TLS certificates.
Deeper analysisAI
CVE-2025-0343 is a vulnerability in Apple's Swift ASN.1 library that causes a crash during parsing of certain BER/DER constructions. The issue arises from a confusion within the ASN.1 library, which assumes specific objects are provided only in either constructed or primitive forms and triggers a preconditionFailure if this constraint is violated. While these constraints are required in DER, the early node parser did not enforce them, leading to incorrect reliance during later decoding stages. The crash is graceful, triggered by the Swift runtime with no memory-safety issues involved.
Any network-accessible attacker can exploit this vulnerability with low complexity and no privileges required, as reflected in its CVSS v3.1 score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Exploitation occurs by supplying malformed BER/DER data from untrusted sources, such as TLS certificates, causing the parser to crash and resulting in a denial-of-service condition against applications using the library.
The primary advisory is available at https://github.com/apple/swift-asn1/security/advisories/GHSA-w8xv-rwgf-4fwh, which details the vulnerability in the swift-asn1 repository. It is associated with CWE-228 (Implementation). The vulnerability was published on 2025-01-15.
Details
- CWE(s)