Cyber Posture

CVE-2025-25522

High

Published: 11 February 2025

Modified: 06 June 2025
KEV Added
Patch
CVSS Score: 7.3 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)
EPSS Score: 0.0011 (29.2th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-25522 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Linksys Wap610N Firmware. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 29.2th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068).
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) · AI

prevent

Directly requires validation of information inputs including length checks in the time setting operation to prevent buffer overflow exploitation.

prevent

Mandates timely flaw remediation through firmware patching to eliminate the buffer overflow vulnerability in the Linksys WAP610N.

prevent

Implements memory protections like stack canaries and DEP to mitigate exploitation of buffer overflows even if input validation fails.

MITRE ATT&CK Enterprise Techniques · AI

T1068 Exploitation for Privilege Escalation (Tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Buffer overflow in local time setting operation (AV:L, PR:N) enables arbitrary code execution and device control, directly facilitating exploitation for privilege escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability.

Deeper analysis · AI

CVE-2025-25522 is a buffer overflow vulnerability (CWE-120) in the Linksys WAP610N wireless access point running firmware version 1.0.05.002. The issue stems from a lack of length verification in the time setting operation, which allows an exploitable overflow. Published on 2025-02-11, it has a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L), indicating high integrity impact with low confidentiality and availability impact.

A local attacker can exploit this vulnerability with no privileges and no user interaction, and the attack complexity is low. Successful exploitation enables the attacker to directly control the remote target device, potentially leading to unauthorized modifications or further compromise.

For mitigation details, refer to the advisory at https://gist.github.com/XiaoCurry/f2365f4f6d18b2b4518ee20d5c091e1b.

Details

CWE(s)

Affected Products

Vendor: linksys
Product: wap610n firmware
Version: 1.0.05.002

CVEs Like This One

CVE-2025-71263 (Shared CWE-120)
CVE-2025-47389 (Shared CWE-120)
CVE-2026-31622 (Shared CWE-120)
CVE-2025-48611 (Shared CWE-120)
CVE-2025-0303 (Shared CWE-120)
CVE-2025-8822 (Same vendor: Linksys)
CVE-2025-49495 (Shared CWE-120)
CVE-2026-1679 (Shared CWE-120)
CVE-2025-47394 (Shared CWE-120)
CVE-2025-47399 (Shared CWE-120)
