CVE-2025-52497
Published: 04 July 2025
Summary
CVE-2025-52497 is a medium-severity Off-by-one Error (CWE-193) vulnerability in Arm Mbed TLS. Its CVSS base score is 4.8 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked in the top 41.1% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-20082
Vulnerability details
Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtls_pem_read_buffer and two mbedtls_pk_parse functions, via untrusted PEM input.
- CWE(s): CWE-193 (Off-by-one Error)
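The defect class named above (a one-byte heap underflow while parsing PEM) comes from pointer arithmetic that steps outside the region being scanned. The following is an added, constructed example, not Mbed TLS code and not a reconstruction of the 3.6.4 fix: a PEM delimiter scan in which every forward and backward step is bounds-checked, plus a hypothetical version-tuple helper that encodes the fixed version stated on this page. The tag strings, sample inputs and function names are all assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: a bounds-checked PEM delimiter scan. It is not Mbed TLS
 * code and does not reconstruct the CVE-2025-52497 fix; it shows the kind of
 * guard (never move a pointer before the start of the region being scanned)
 * whose absence yields a one-byte underflow in PEM parsing. */

typedef struct {
    const char *body;     /* first byte of the base64 payload, or NULL */
    size_t      body_len; /* payload length, may be 0 */
} pem_span_t;

/* Locate the payload between begin_tag and end_tag inside buf[0..len).
 * Returns 1 and fills *out on success, 0 when no well-formed block exists.
 * buf need not be NUL-terminated; every access is checked against end. */
int pem_find_body(const char *buf, size_t len,
                  const char *begin_tag, const char *end_tag,
                  pem_span_t *out)
{
    const char *end, *p, *hdr = NULL, *ftr = NULL, *body_start, *body_end;
    size_t begin_len = strlen(begin_tag), end_len = strlen(end_tag);

    out->body = NULL;
    out->body_len = 0;
    if (buf == NULL || len == 0)
        return 0;
    end = buf + len;

    /* Forward scan for the header; the loop condition keeps memcmp in bounds. */
    for (p = buf; p + begin_len <= end; p++)
        if (memcmp(p, begin_tag, begin_len) == 0) { hdr = p; break; }
    if (hdr == NULL)
        return 0;

    /* Skip line terminators after the header, never past end. */
    body_start = hdr + begin_len;
    while (body_start < end && (*body_start == '\r' || *body_start == '\n'))
        body_start++;

    /* The footer must start at or after body_start. */
    for (p = body_start; p + end_len <= end; p++)
        if (memcmp(p, end_tag, end_len) == 0) { ftr = p; break; }
    if (ftr == NULL)
        return 0;

    /* Backward trim of line terminators before the footer. The lower bound
     * body_end > body_start is the guard that matters: without it, a payload
     * region that begins at the start of the buffer (an empty begin_tag, or a
     * caller scanning a bare body) makes body_end[-1] read one byte before
     * the buffer. */
    body_end = ftr;
    while (body_end > body_start && (body_end[-1] == '\r' || body_end[-1] == '\n'))
        body_end--;

    out->body = body_start;
    out->body_len = (size_t)(body_end - body_start);
    return 1;
}

/* Wrapper for NUL-terminated input: payload length, or -1 when no block is found. */
long pem_body_len_of(const char *s)
{
    pem_span_t span;
    if (!pem_find_body(s, strlen(s), "-----BEGIN KEY-----", "-----END KEY-----", &span))
        return -1;
    return (long)span.body_len;
}

/* Hypothetical helper: is a version tuple at or past the fixed release 3.6.4
 * named on this page? The caller supplies the numbers (for example decoded
 * from mbedtls_version_get_number(), or taken from the package manager). */
int version_has_cve_2025_52497_fix(unsigned major, unsigned minor, unsigned patch)
{
    if (major != 3) return major > 3;
    if (minor != 6) return minor > 6;
    return patch >= 4;
}

int main(void)
{
    /* Constructed sample inputs, not real keys. */
    static const char *cases[] = {
        "-----BEGIN KEY-----\nQUJD\n-----END KEY-----\n",          /* normal, LF */
        "-----BEGIN KEY-----\r\nQUJD\r\n-----END KEY-----\r\n",    /* normal, CRLF */
        "-----BEGIN KEY----------END KEY-----",                    /* footer right after header */
        "-----END KEY-----\n-----BEGIN KEY-----\n",                /* footer before header */
        "",                                                        /* empty buffer */
    };
    size_t i;
    for (i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("case %zu: body_len=%ld\n", i, pem_body_len_of(cases[i]));
    printf("3.6.3 fixed: %d, 3.6.4 fixed: %d\n",
           version_has_cve_2025_52497_fix(3, 6, 3), version_has_cve_2025_52497_fix(3, 6, 4));
    return 0;
}
```

The two loop conditions that matter for this bug class are `p + tag_len <= end` (forward) and `body_end > body_start` (backward); a review of any hand-written PEM or delimiter scanner should confirm both bounds are present, since the third sample (footer immediately after header) and a bare-body scan are exactly the inputs that expose a missing lower bound.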
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A heap-based buffer underflow in the PEM parsing functions corrupts memory and, when untrusted input is processed, can potentially lead to remote code execution; the mapping therefore covers exploitation for privilege escalation, remote services, defense evasion, and credential access.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.