Cyber Posture

CVE-2025-1744

Critical

Published: 28 February 2025

Published
28 February 2025
Modified
01 July 2025
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0046 64.4th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-1744 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Radare Radare2. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 35.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Requires identification, reporting, and timely correction of flaws like the heap-based buffer overflow in radare2 versions before 5.9.9 via patching.

SI-16 Memory Protection partial match
prevent

Implements memory protections such as non-executable heap and address space randomization to mitigate exploitation of out-of-bounds writes and overflows.

RA-5 Vulnerability Monitoring and Scanning partial match
detect

Enables scanning and monitoring to identify deployments of vulnerable radare2 versions affected by CVE-2025-1744 for remediation.

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
attack.mitre.org →
Why these techniques?

Buffer overflow in radare2 enables client-side exploitation via malicious input file or data.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9.

Deeper analysisAI

CVE-2025-1744 is an out-of-bounds write vulnerability in radareorg radare2 that allows heap-based buffer over-read or buffer overflow. The issue affects radare2 versions before 5.9.9 and is classified under CWE-787.

With a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), the vulnerability can be exploited remotely by an unauthenticated attacker with low complexity and no user interaction. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially allowing arbitrary heap memory read or write operations.

The vulnerability is addressed via a patch in the GitHub pull request at https://github.com/radareorg/radare2/pull/23969. Affected users should update to radare2 version 5.9.9 or later to mitigate the issue.

Details

CWE(s)
CWE-787

Affected Products

radare
radare2
≤ 5.9.8

CVEs Like This One

CVE-2026-40499Same product: Radare Radare2
CVE-2026-40517Same product: Radare Radare2
CVE-2025-1864Same product: Radare Radare2
CVE-2026-6940Same product: Radare Radare2
CVE-2026-6941Same product: Radare Radare2
CVE-2025-21042Shared CWE-787
CVE-2025-36897Shared CWE-787
CVE-2025-43300Shared CWE-787
CVE-2026-26955Shared CWE-787
CVE-2025-9809Shared CWE-787

References