Cyber Resilience

CVE-2025-49796

CriticalUpdated

Published: 16 June 2025

Published
16 June 2025
Modified
02 June 2026
KEV Added
Patch
CVSS Score v3.1 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score 0.0178 83.1th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-49796 is a critical-severity Out-of-bounds Read (CWE-125) vulnerability in Siemens (inferred from references). Its CVSS base score is 9.1 (Critical).

Operationally, ranked in the top 16.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2025-49796 is a memory corruption vulnerability in libxml2 triggered during processing of specially crafted sch:name elements within an input XML file. The flaw, tracked under CWE-125, can result in a crash or other undefined behavior from corruption of sensitive data in memory.

An unauthenticated remote attacker can exploit the issue by supplying a malicious XML document over the network. Successful exploitation yields high impact on integrity and availability, enabling denial of service or potentially broader undefined behavior, as reflected in the CVSS 9.1 score requiring no user interaction or privileges.

Multiple Red Hat Security Advisories (RHSA-2025:10630, RHSA-2025:10698, RHSA-2025:10699, RHSA-2025:11580, and RHSA-2025:12098) address the flaw and provide updated packages for affected systems. The associated EPSS score has remained flat at 0.0178 with no material increase observed after disclosure.

EU & UK References

Vulnerability details

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting…

more

in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Siemens
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References