Cyber Resilience

CVE-2025-2308

Medium · Public PoC

Published: 14 March 2025

Modified: 28 May 2025
KEV Added
Patch
CVSS Score v4: 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0005 (16.2th percentile)
Risk Priority: 10 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-2308 is a medium-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Hdfgroup Hdf5. Its CVSS base score is 4.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 16.2th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-2308 is a heap-based buffer overflow vulnerability classified as critical in HDF5 version 1.14.6. It affects the H5Z__scaleoffset_decompress_one_byte function within the Scale-Offset Filter component. The issue stems from improper memory handling, mapped to CWE-119, CWE-122, and CWE-787.

Exploitation requires local access (AV:L) with low privileges (PR:L) and low attack complexity (AC:L), needing no user interaction (UI:N) and resulting in unchanged scope (S:U). Attackers can achieve limited impacts on confidentiality, integrity, and availability (C:L/I:L/A:L), as scored at CVSS 5.3 under CVSS:3.1. A proof-of-concept exploit has been publicly disclosed.

Advisories from VulDB indicate the vendor plans to fix this in an upcoming release, with no patch available yet for version 1.14.6. Relevant details and the exploit PoC are available at references including GitHub (madao123123/crash_report) and VulDB entries (ctiid.299721, id.299721, submit.514531). The vulnerability was published on 2025-03-14.

EU & UK References

Vulnerability details

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (Tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Heap-based buffer overflow in HDF5 library's Scale-Offset Filter enables local exploitation for arbitrary code execution, facilitating privilege escalation (T1068).

CVEs Like This One

CVE-2025-2310 (Same product: Hdfgroup Hdf5)
CVE-2025-2309 (Same product: Hdfgroup Hdf5)
CVE-2025-2153 (Same product: Hdfgroup Hdf5)
CVE-2026-26200 (Same product: Hdfgroup Hdf5)
CVE-2026-34734 (Same product: Hdfgroup Hdf5)
CVE-2025-1788 (Shared CWE-119, CWE-122)
CVE-2024-45421 (Shared CWE-119, CWE-122)
CVE-2026-1418 (Shared CWE-119, CWE-787)
CVE-2026-21236 (Shared CWE-122, CWE-787)
CVE-2026-21245 (Shared CWE-122, CWE-787)

Affected Assets

hdfgroup
hdf5
1.14.6

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

prevent

Directly mitigates the heap-based buffer overflow in HDF5 1.14.6 by requiring timely flaw remediation through vendor patches once available.

prevent

Implements memory protection mechanisms such as ASLR, DEP, and stack canaries to prevent exploitation of the heap buffer overflow in the Scale-Offset Filter.

prevent

Requires validation of inputs to the H5Z__scaleoffset_decompress_one_byte function to block malformed HDF5 data that triggers the buffer overflow.

References