CVE-2025-70047
Published: 09 March 2026
Summary
CVE-2025-70047 is a high-severity Uncontrolled Resource Consumption (CWE-400) vulnerability in Nexusoft NexusInterface. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 18.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).
Deeper analysis
CVE-2025-70047 is a CWE-400: Uncontrolled Resource Consumption vulnerability discovered in Nexusoft NexusInterface version 3.2.0-beta.2. The flaw allows denial-of-service conditions through excessive resource usage and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). The vulnerability affects the NexusInterface component, a software product from Nexusoft, and was published on 2026-03-09.
Attackers can exploit this vulnerability remotely over the network, with low attack complexity and without authentication or user interaction. Successful exploitation results in high-impact availability disruption, such as crashing the service or consuming excessive CPU/memory resources, with no direct confidentiality or integrity impact.
References for further details include a GitHub Gist at https://gist.github.com/zcxlighthouse/86874c6c096c6c013803ed936b79da96, along with the Nexusoft organization page at https://github.com/Nexusoft and the NexusInterface repository at https://github.com/Nexusoft/NexusInterface.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208426
Vulnerability details
An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Uncontrolled resource consumption (CWE-400) directly enables application/system exploitation for endpoint denial of service via remote unauthenticated requests that exhaust CPU/memory or crash the service.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly prevents denial-of-service events including uncontrolled resource consumption like excessive CPU or memory usage exploited remotely.
Enforces resource allocation policies and monitoring to protect against unauthorized or excessive consumption leading to availability disruption.
Restricts information inputs to mitigate resource exhaustion attacks by limiting rates, sizes, or types that trigger uncontrolled consumption in NexusInterface.