Cyber Posture

CVE-2025-67433

High

Published: 12 February 2026
Modified: 15 April 2026
KEV Added: not listed
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0006 (17.5th percentile)
Risk Priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-67433 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Open TFTP Server MultiThreaded, a project hosted on SourceForge (the vendor entry is inferred from the references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 17.5th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.

Threat & Defense Details

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Direct remote exploitation of public-facing TFTP server via crafted packet to trigger application DoS through buffer overflow.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service (DoS) via a crafted DATA packet.

Deeper analysis (AI)

CVE-2025-67433 is a heap buffer overflow vulnerability (CWE-122) in the processRequest function of Open TFTP Server MultiThreaded version 1.7. The flaw lets an attacker trigger a Denial of Service (DoS) condition in this TFTP server by sending a specially crafted DATA packet. Published on 2026-02-12, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H); the high severity reflects its potential for remote disruption.

Any unauthenticated attacker with network access to the vulnerable TFTP server can exploit this issue with low complexity and no user interaction. A malicious DATA packet causes a heap buffer overflow that crashes the server process and renders the TFTP service unavailable. Exploitation is straightforward over the network and affects availability only, with no impact on confidentiality or integrity.
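The defect class described above (a heap buffer sized for one TFTP data block, written to without checking the received datagram length) is easiest to reason about against RFC 1350's DATA packet layout: a 2-byte opcode (3), a 2-byte block number and at most 512 data bytes. The following C example is added here for illustration; it is not code from Open TFTP Server MultiThreaded and makes no claim about how processRequest is written. The transfer structure, function names and return codes are hypothetical, and the packets are constructed inline. It shows the length validation a receiver must perform before the copy into the heap buffer, and rejects a constructed oversized DATA packet before memcpy is reached.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* RFC 1350 DATA packet: opcode (2 bytes, value 3), block number (2 bytes), 0..512 data bytes.
   Without option negotiation the data field never exceeds 512 bytes, so a legal DATA packet
   is at most 516 bytes on the wire. */
#define TFTP_OPCODE_DATA   3
#define TFTP_BLOCK_SIZE    512
#define TFTP_DATA_HEADER   4
#define TFTP_MAX_DATA_PKT  (TFTP_DATA_HEADER + TFTP_BLOCK_SIZE)

enum { TFTP_OK = 0, TFTP_ERR_SHORT = -1, TFTP_ERR_OPCODE = -2, TFTP_ERR_TOOLONG = -3, TFTP_ERR_BLOCK = -4 };

/* Hypothetical per-transfer state: one heap buffer sized for exactly one data block. */
typedef struct {
    uint16_t expected_block;   /* next block number the receiver expects */
    size_t   len;              /* bytes currently held in buf */
    unsigned char *buf;        /* heap allocation of TFTP_BLOCK_SIZE bytes */
} tftp_xfer_t;

tftp_xfer_t *tftp_xfer_new(void) {
    tftp_xfer_t *x = calloc(1, sizeof *x);
    if (!x) return NULL;
    x->buf = malloc(TFTP_BLOCK_SIZE);
    if (!x->buf) { free(x); return NULL; }
    x->expected_block = 1;
    return x;
}

void tftp_xfer_free(tftp_xfer_t *x) {
    if (!x) return;
    free(x->buf);
    free(x);
}

/* Validate a received DATA packet before any byte is copied into the heap buffer.
   Every check uses the datagram length reported by the socket layer, never a value
   taken from the packet itself. */
int tftp_handle_data(tftp_xfer_t *x, const unsigned char *pkt, size_t pktlen) {
    if (pktlen < TFTP_DATA_HEADER) return TFTP_ERR_SHORT;
    uint16_t opcode = (uint16_t)((pkt[0] << 8) | pkt[1]);
    uint16_t block  = (uint16_t)((pkt[2] << 8) | pkt[3]);
    if (opcode != TFTP_OPCODE_DATA) return TFTP_ERR_OPCODE;
    /* The bounds check that keeps the copy inside the 512-byte heap block. */
    if (pktlen > TFTP_MAX_DATA_PKT) return TFTP_ERR_TOOLONG;
    if (block != x->expected_block) return TFTP_ERR_BLOCK;
    size_t datalen = pktlen - TFTP_DATA_HEADER;     /* 0..512 after the checks above */
    memcpy(x->buf, pkt + TFTP_DATA_HEADER, datalen);
    x->len = datalen;
    x->expected_block++;
    return TFTP_OK;
}

/* Build a DATA packet into caller-supplied storage (used to construct sample input).
   Returns the total packet length, or 0 if the storage is too small. */
size_t tftp_build_data(unsigned char *out, size_t outcap, uint16_t block, size_t datalen) {
    if (outcap < TFTP_DATA_HEADER + datalen) return 0;
    out[0] = 0; out[1] = TFTP_OPCODE_DATA;
    out[2] = (unsigned char)(block >> 8); out[3] = (unsigned char)(block & 0xff);
    memset(out + TFTP_DATA_HEADER, 'A', datalen);
    return TFTP_DATA_HEADER + datalen;
}

/* Constructed scenario: a full 512-byte block is accepted, then a 1500-byte data field
   (larger than any legal block) is rejected before it can reach memcpy.
   Returns 1 when both outcomes are as expected, 0 otherwise. */
int tftp_demo(void) {
    unsigned char pkt[2048];
    tftp_xfer_t *x = tftp_xfer_new();
    if (!x) return 0;
    size_t n = tftp_build_data(pkt, sizeof pkt, 1, TFTP_BLOCK_SIZE);
    int accepted = tftp_handle_data(x, pkt, n) == TFTP_OK && x->len == TFTP_BLOCK_SIZE;
    n = tftp_build_data(pkt, sizeof pkt, 2, 1500);   /* constructed oversized DATA packet */
    int rejected = tftp_handle_data(x, pkt, n) == TFTP_ERR_TOOLONG && x->len == TFTP_BLOCK_SIZE;
    tftp_xfer_free(x);
    return accepted && rejected;
}
```

The design point is that the receiver's buffer size is fixed at allocation time, so the only safe input to the copy length is the socket-reported datagram length, checked against that fixed size before the copy. Treating the data field as "whatever arrived after the 4-byte header" without that comparison is exactly what lets a single oversized datagram corrupt the heap and take the service down.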

Advisories and related details are available via GitHub gists at https://gist.github.com/Hyobin/f1b7d48d29e60a378bb9c88ba8b8080a and https://gist.github.com/transparencybeam/f1b7d48d29e60a378bb9c88ba8b8080a; the project is hosted on SourceForge at https://sourceforge.net/projects/tftp-server/files/tftp%20server%20multithreaded/. Security practitioners should review these for proof-of-concept details and check the project page for updates or patches.

Details

CWE(s)

CWE-122 Heap-based Buffer Overflow

Affected Products

SourceForge (vendor inferred from references and description; NVD did not file a CPE for this CVE)

CVEs Like This One

CVE-2026-27654 (shared CWE-122)
CVE-2026-24682 (shared CWE-122)
CVE-2026-32135 (shared CWE-122)
CVE-2025-54878 (shared CWE-122)
CVE-2025-53766 (shared CWE-122)
CVE-2025-48005 (shared CWE-122)
CVE-2025-0755 (shared CWE-122)
CVE-2026-2005 (shared CWE-122)
CVE-2026-28842 (shared CWE-122)
CVE-2025-67896 (shared CWE-122)
