CVE-2025-29072

High

Published: 27 March 2025

Modified: 11 April 2025
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0168 (82.6th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-29072 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Nethermind Juno. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 17.4% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

An integer overflow vulnerability exists in Nethermind Juno versions prior to 12.05 within the Sierra bytecode decompression logic of the cairo-lang-starknet-classes library. The flaw, tracked as CVE-2025-29072 and assigned CWE-190, permits remote attackers to submit a crafted Declare v2 or v3 transaction that triggers an infinite loop and sustained high CPU consumption, resulting in denial of service against Starknet full-node implementations. The issue carries a CVSS 3.1 score of 7.5, reflecting a network-exploitable availability impact that requires no authentication or user interaction.

Attackers can exploit the condition by sending a malicious transaction directly to any exposed Starknet node running an affected Juno release. Successful exploitation causes the node to enter a resource-exhaustion state, disrupting block processing and potentially partitioning the node from the network until manual intervention or restart occurs.

Public references indicate that the vulnerability was addressed in Juno commit 51074875941aa111c5dd2b41f2ec890a4a15b587, which updates the decompression routine to prevent the overflow. Starknet community guidance recommends that node operators upgrade to version 12.05 or later to restore normal operation.

The associated EPSS score has remained flat at 0.0168 with no material increase since disclosure.

Vulnerability details

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop (and high CPU usage) by submitting a malicious Declare v2/v3 transaction. This results in a denial-of-service condition for affected Starknet full-node implementations.

CWE(s)

CWE-190: Integer Overflow or Wraparound

Related Threats

MITRE ATT&CK Enterprise Techniques

T1499.004: Application or System Exploitation (Tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why these techniques?

The integer overflow vulnerability in Sierra bytecode decompression enables remote unauthenticated attackers to trigger an infinite loop and excessive CPU usage via crafted transactions, directly facilitating Endpoint Denial of Service through Application or System Exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-33040 (shared CWE-190)
CVE-2026-6773 (shared CWE-190)
CVE-2026-27951 (shared CWE-190)
CVE-2025-24528 (shared CWE-190)
CVE-2026-35092 (shared CWE-190)
CVE-2026-28952 (shared CWE-190)
CVE-2026-33666 (shared CWE-190)
CVE-2026-31814 (shared CWE-190)
CVE-2026-40385 (shared CWE-190)
CVE-2025-46597 (shared CWE-190)

Affected Assets

nethermind juno ≤ 0.12.5

Mitigating Controls (NIST 800-53 r5)

Prevent: Validates malformed Declare v2/v3 transaction bytecode inputs to prevent integer overflows and infinite loops during Sierra decompression.

Prevent: Ensures timely remediation of the integer overflow flaw through patching to Nethermind Juno v1.2.05 or later as identified in the vendor commit.

Prevent: Implements denial-of-service protections to limit effects of high CPU usage and resource exhaustion from triggered infinite loops.
