CVE-2025-55398_CVE-2025-55398

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious input to be processed.

AI Analysis

An issue in mouse07410 asn1c allows incorrect or malicious input processing due to failure in enforcing INTEGER constraints in UPER decoders for positive bounds exceeding 32 bits.

Basic Information

ID CVE-2025-55398

Source mitre

Published Aug 22, 2025 at 00:00

Modified Aug 26, 2025 at 14:07

Affected Product

Vendor n/a

Product n/a

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-1284

AI Assessment

AI Score 9.8 / 10

AI Severity CRITICAL

Vendor mouse07410

Product asn1c

Version through 0.9.29

References

github.com /mouse07410/asn1c/issues/222

{
    "lastseen": "",
    "description": "An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious input to be processed.",
    "published": "2025-08-22T00:00:00.000Z",
    "modified": "2025-08-26T14:07:57.473Z",
    "type": "cve",
    "title": "CVE-2025-55398",
    "source": "mitre",
    "references": "https://github.com/mouse07410/asn1c/issues/222",
    "id": "CVE-2025-55398",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1284"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "n/a",
    "version": "n/a",
    "vendor": "n/a",
    "ai_description": "An issue in mouse07410 asn1c allows incorrect or malicious input processing due to failure in enforcing INTEGER constraints in UPER decoders for positive bounds exceeding 32 bits.",
    "ai_severity": "CRITICAL",
    "ai_vendor": "mouse07410",
    "ai_product": "asn1c",
    "ai_version": "through 0.9.29",
    "ai_score": 9.8
}