Cyber Resilience

CVE-2025-48946

Low

Published: 30 May 2025

Published
30 May 2025
Modified
25 August 2025
KEV Added
Patch
CVSS Score v3.1 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score 0.0014 34.0th percentile
Risk Priority 7 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-48946 is a low-severity Use of a Broken or Risky Cryptographic Algorithm (CWE-327) vulnerability in Openquantumsafe Liboqs. Its CVSS base score is 3.7 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Reduce Key Space (T1600.001); ranked at the 34.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other Platforms; in the Protocol-Specific Risks risk domain.

EU & UK References

Vulnerability details

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. liboqs prior to version 0.13.0 supports the HQC algorithm, an algorithm with a theoretical design flaw which leads to large numbers of malformed ciphertexts sharing the same…

more

implicit rejection value. Currently, no concrete attack on the algorithm is known. However, prospective users of HQC must take extra care when using the algorithm in protocols involving key derivation. In particular, HQC does not provide the same security guarantees as Kyber or ML-KEM. There is currently no patch for the HQC flaw available in liboqs, so HQC is disabled by default in liboqs starting from version 0.13.0. OQS will update its implementation after the HQC team releases an updated algorithm specification.

CWE(s)

AI Security AnalysisAI

AI Category
Other Platforms
Risk Domain
Protocol-Specific Risks
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: ml

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1600.001 Reduce Key Space Defense Impairment
Adversaries may reduce the level of effort required to decrypt data transmitted over the network by reducing the cipher strength of encrypted communications.
Why these techniques?

The theoretical design flaw in the HQC algorithm causes many malformed ciphertexts to share the same implicit rejection value, potentially enabling attacks that reduce the effective key space and weaken encryption security, especially in key derivation protocols.

Affected Assets

openquantumsafe
liboqs
≤ 0.13.0

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-327

Contacts with security groups provide timely information on broken or risky cryptographic algorithms, reducing the likelihood of their selection and use.

addresses: CWE-327

Ongoing education and sharing of recommended practices helps organizations identify and migrate away from broken or risky cryptographic algorithms.

addresses: CWE-327

Cross-organization threat feeds commonly include advances in cryptanalysis and active exploits against weak or broken algorithms, allowing organizations to deprecate them proactively.

addresses: CWE-327

Capital planning and funding allow selection and ongoing support of strong cryptographic algorithms rather than weak or broken ones.

addresses: CWE-327

Risk updates surface newly-broken or risky cryptographic algorithms as threat intelligence and computing advances evolve, enabling timely replacement.

addresses: CWE-327

Scanners flag use of broken or weak cryptographic algorithms via known-vulnerability databases.

addresses: CWE-327

Enforces approved cryptographic algorithms for each use case, blocking use of broken or risky algorithms.

addresses: CWE-327

Flaw remediation replaces broken or risky cryptographic algorithms once safer implementations are released by vendors.

References