CVE-2025-71263
Published: 13 March 2026
Summary
CVE-2025-71263 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Discuss (inferred from references). Its CVSS base score is 7.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 0.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and AC-6 (Least Privilege).
Deeper analysis
CVE-2025-71263 is a buffer overflow vulnerability (CWE-120) in the su command of UNIX Fourth Research Edition (v4), stemming from the 'password' variable being allocated a fixed size of 100 bytes. This flaw affects only this legacy UNIX variant, which has no remaining support from its maintainer. The vulnerability received a CVSS v3.1 base score of 7.4 (AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) upon publication on 2026-03-13.
A local attacker with no privileges required (PR:N) can exploit this vulnerability through high-complexity attack methods (AC:H), such as crafting input that overflows the fixed-size password buffer in the su command. Successful exploitation allows the attacker to gain root privileges, resulting in high confidentiality, integrity, and availability impacts (C:H/I:H/A:H).
Advisories and discussions in the provided references, including analyses on systems.discuss, sigma-star.at, spinellis.gr, tuhs.org, and openwall.com, emphasize that UNIX v4 is unsupported with no patches or mitigations available from the maintainer. Security practitioners should isolate or decommission any legacy lab environments running this software.
Notably, the vulnerability is unlikely to exist outside a very small number of lab environments, which minimizes real-world risk. No evidence of active exploitation has been reported.
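An added illustration (not the UNIX v4 source and not code from any of the referenced analyses) of the bounds check that this class of bug (CWE-120) lacks: a line reader for a 100-byte password buffer that rejects over-long input instead of writing past the end. The names `read_password`, `try_length` and `PASSWORD_CAP` are assumptions, and the test input is constructed.

```c
#include <stdio.h>
#include <string.h>

#define PASSWORD_CAP 100  /* buffer size named in the advisory */

/* Read one line from `in` into buf[cap]. Returns the length stored, or -1
 * if the line does not fit or input ends with nothing read. On overflow
 * the rest of the line is drained and buf is cleared, so a truncated
 * prefix is never compared against the real password (fail closed). */
static int read_password(FILE *in, char *buf, size_t cap)
{
    size_t n = 0;
    int c, too_long = 0;

    while ((c = getc(in)) != EOF && c != '\n') {
        if (n + 1 < cap)          /* keep one byte for the terminator */
            buf[n++] = (char)c;
        else
            too_long = 1;         /* keep draining, store nothing more */
    }
    if (too_long || (c == EOF && n == 0)) {
        memset(buf, 0, cap);
        return -1;
    }
    buf[n] = '\0';
    return (int)n;
}

/* Constructed harness: feed `len` copies of 'A' plus a newline via a temp file. */
static int try_length(size_t len)
{
    char password[PASSWORD_CAP];
    FILE *f = tmpfile();

    if (f == NULL) return -2;     /* could not create the temp file */
    for (size_t i = 0; i < len; i++)
        putc('A', f);
    putc('\n', f);
    rewind(f);
    int r = read_password(f, password, sizeof password);
    fclose(f);
    return r;
}

int main(void)
{
    printf("99 -> %d, 100 -> %d, 4096 -> %d\n", try_length(99), try_length(100), try_length(4096));
    return 0;
}
```

The longest accepted input is 99 characters because one byte of the buffer is reserved for the terminator.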
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208655
Vulnerability details
In UNIX Fourth Research Edition (v4), the su command is vulnerable to a buffer overflow due to the 'password' variable having a fixed size of 100 bytes. A local user can exploit this to gain root privileges. It is unlikely that UNIX v4 is running anywhere outside of a very small number of lab environments. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in local su binary directly enables local privilege escalation to root via crafted input (T1068).
Mitigating Controls (NIST 800-53 r5)
Directly requires replacing or isolating unsupported system components, matching the CVE's explicit statement that UNIX v4 has no maintainer patches and should be decommissioned.
Implements memory protections that can block exploitation of the fixed-size password buffer overflow before root privileges are obtained.
Enforces least privilege so that even a successful local overflow in su cannot easily yield full root rights on the legacy system.