CVE-2025-25943
Published: 19 February 2025
Summary
CVE-2025-25943 is a high-severity Code Injection (CWE-94) vulnerability in Axiosys Bento4. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked in the top 49.9% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly requires timely remediation of the specific buffer overflow flaw in Bento4 v1.6.0-641 to prevent arbitrary code execution by local attackers.
- Implements memory protection mechanisms like DEP and ASLR to comprehensively block arbitrary code execution resulting from the buffer overflow in AP4_Stz2Atom.
- Facilitates vulnerability scanning to identify and prioritize systems running the vulnerable Bento4 version for remediation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow enables local arbitrary code execution (AV:L, PR:L) directly matching exploitation for privilege escalation.
NVD Description
Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp.
Deeper analysis
CVE-2025-25943 is a buffer overflow vulnerability in Bento4 version 1.6.0-641. The flaw affects the AP4_Stz2Atom::AP4_Stz2Atom component in Ap4Stz2Atom.cpp and allows a local attacker to execute arbitrary code. Published on 2025-02-19, it is associated with CWE-94 (code injection) and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact.
A local attacker with low privileges can exploit this vulnerability through low-complexity attacks requiring no user interaction. Successful exploitation grants arbitrary code execution with high impacts on confidentiality, integrity, and availability in the context of the affected process.
The primary reference for this CVE is a GitHub issue at https://github.com/axiomatic-systems/Bento4/issues/993, which may provide additional details on patches or mitigations.
Details
- CWE(s)