Security Bulletin: FreeType versions 2.13.0 and below may lead to remote code execution for IBM Storage Virtualize vSphere Remote Plug-in (CVE-2025-27363)

Vulnerability Details

Basic Information

Title Security Bulletin: FreeType versions 2.13.0 and below may lead to remote code execution for IBM Storage Virtualize vSphere Remote Plug-in (CVE-2025-27363)
Type ibm
Published 2025-05-05T06:34:06
Last Seen 2025-05-05T10:56:45
CVSS Score 8.1 (HIGH)

CVSS v3 Details

Attack Vector NETWORK
Attack Complexity HIGH
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH

CVE Information

CVE IDs CVE-2025-27363
CWE CWE-787: Out-of-bounds Write
Bulletin Family software

Description

## Summary

The IBM Storage Virtualize vSphere Remote Plug-in virtual appliance runs an NGINX container built on a Debian-based image that uses a vulnerable version of the FreeType library (2.13.0 or earlier). This version is affected by CVE-2025-27363, a critical vulnerability that may allow remote code execution through malicious font rendering. To mitigate potential exploitation risks, it is strongly recommended to upgrade to the latest IBM Storage Virtualize vSphere Remote Plug-in, 2.0.0.2.

## Vulnerability Details

**CVEID:** CVE-2025-27363
**DESCRIPTION:** An out-of-bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when parsing font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value, causing the result to wrap around so that the heap buffer allocated from it is too small. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
**CWE:** CWE-787: Out-of-bounds Write
**CVSS Source:** [email protected]
**CVSS Base score:** 8.1
**CVSS Vector:** (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
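The arithmetic pattern the description names (a signed short stored in an unsigned long, a fixed value added, the wrapped result used as an allocation size) is easy to misread, so here is an added model of it beside a hardened version. This is example code written for this page; it is not FreeType's code and not part of the IBM bulletin. The function names, the constant `EXTRA_SLOTS` and the sample counts are assumptions chosen to make the wrap visible.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative model of the arithmetic described for CVE-2025-27363.
 * Names and the constant are assumptions for this example; the real
 * FreeType code is not reproduced here. */

#define EXTRA_SLOTS 4UL   /* hypothetical "static value" added to the count */

/* Vulnerable pattern: a negative short converts to a value near ULONG_MAX;
 * adding EXTRA_SLOTS then wraps modulo (ULONG_MAX + 1) to a small number,
 * so a buffer sized from the result is far smaller than intended. */
unsigned long unsafe_slot_count(short count_from_font)
{
    unsigned long count = count_from_font;   /* implicit signed -> unsigned conversion */
    return count + EXTRA_SLOTS;              /* may wrap; nothing checks it */
}

/* True when the addition wrapped: a non-negative input can never produce a
 * result smaller than EXTRA_SLOTS. Inputs below -EXTRA_SLOTS stay huge and
 * the allocation simply fails; the dangerous band is -EXTRA_SLOTS..-1. */
bool unsafe_count_wrapped(short count_from_font)
{
    return unsafe_slot_count(count_from_font) < EXTRA_SLOTS;
}

/* Hardened version: reject a negative count before it is converted, and
 * check both the addition and the byte multiplication for wrap-around.
 * Returns the byte size, or 0 when the input is rejected (a valid size is
 * never 0 because EXTRA_SLOTS > 0). */
size_t safe_slot_bytes(short count_from_font)
{
    if (count_from_font < 0)
        return 0;                                   /* malformed: negative count */
    size_t slots = (size_t)count_from_font;
    if (slots > SIZE_MAX - EXTRA_SLOTS)
        return 0;                                   /* addition would wrap */
    slots += EXTRA_SLOTS;
    if (slots > SIZE_MAX / sizeof(long))
        return 0;                                   /* multiplication would wrap */
    return slots * sizeof(long);
}

int main(void)
{
    /* constructed sample counts: valid, boundary, and the wrapping band */
    const short samples[] = { 3, 0, -1, -4, -5 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        short n = samples[i];
        printf("count=%3d  unsafe slots=%20lu  wrapped=%d  safe bytes=%zu\n",
               n, unsafe_slot_count(n), unsafe_count_wrapped(n),
               safe_slot_bytes(n));
    }
    return 0;
}
```

The defensive point is the order of checks: the sign test must happen while the value is still signed, because once it has been converted to an unsigned type the negative count is indistinguishable from a very large legitimate one, and the subsequent overflow checks alone would not catch the small wrapped result.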

## Affected Products and Versions

| **Affected Product(s)** | **Version(s)** |
|---|---|
| IBM Storage Virtualize vSphere Remote Plug-in | 1.0.0.0 / 1.1.0.0 / 1.1.1.0 / 1.1.1.1 |
| IBM Storage Virtualize vSphere Remote Plug-in | 1.2.0.0 |
| IBM Storage Virtualize vSphere Remote Plug-in | 1.3.0.0 |
| IBM Storage Virtualize vSphere Remote Plug-in | 2.0.0.0 / 2.0.0.1 |

## Remediation/Fixes

IBM strongly recommends addressing the vulnerability now.

Note: Download the IBM Storage Virtualize Plugin for vSphere 2.0.0.2 OVA or plugin upgrade package from Fix Central (IBM® Fix Central).

| **Product(s)** | **Version(s) number and/or range** | **Remediation/Fix/Instructions** |
|---|---|---|
| IBM Storage Virtualize vSphere Remote Plug-in | 1.0.0.0 / 1.1.0.0 / 1.1.1.0 / 1.1.1.1 | IBM recommends fixing this vulnerability by upgrading IBM Storage Virtualize vSphere Remote Plug-in to 2.0.0.2 |
| IBM Storage Virtualize vSphere Remote Plug-in | 1.2.0.0 | IBM recommends fixing this vulnerability by upgrading IBM Storage Virtualize vSphere Remote Plug-in to 2.0.0.2 |
| IBM Storage Virtualize vSphere Remote Plug-in | 1.3.0.0 | IBM recommends fixing this vulnerability by upgrading IBM Storage Virtualize vSphere Remote Plug-in to 2.0.0.2 |
| IBM Storage Virtualize vSphere Remote Plug-in | 2.0.0.0 / 2.0.0.1 | IBM recommends fixing this vulnerability by upgrading IBM Storage Virtualize vSphere Remote Plug-in to 2.0.0.2 |

## Workarounds and Mitigations

None

Impact Assessment

Base Score 8.1
Severity HIGH
