CVE-2025-32397
Published: 07 May 2025
Summary
CVE-2025-32397 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Rt-Labs P-Net. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked in the top 40.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-13676
Vulnerability details
An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Heap-based buffer overflow in RT-Labs P-Net enables remote unauthenticated attackers to crash IO devices via malicious RPC packet, directly facilitating endpoint denial of service through application exploitation.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.