CVSS score: 10 / 10 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
Description

Cisco Talos' Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to _Cisco's third-party vulnerability disclosure policy_, except for Grassroot, as the DiCoM vulnerabilities are zero-days.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from _Snort.org_, and our latest Vulnerability Advisories are always posted on _Talos Intelligence's website_.
## **Libbiosig vulnerability**
_Discovered by Mark Bereza of Cisco Talos._
BioSig is an open source software library for biomedical signal processing. The BioSig Project seeks to encourage research in biomedical signal processing by providing open source software tools.
_TALOS-2025-2296_ (CVE-2025-66043 through CVE-2025-66048) covers several stack-based buffer overflow vulnerabilities in the MFER parsing functionality of the Biosig Project libbiosig 3.9.1. An attacker can supply a specially crafted MFER file to trigger these vulnerabilities, possibly leading to arbitrary code execution.
## **Grassroot DiCoM vulnerabilities**
_Discovered by Emmanuel Tacheau of Cisco Talos._
Grassroots DiCoM is a C++ library for DICOM medical files, accessible from Python, C#, Java, and PHP. It supports RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. Talos found three out-of-bounds read vulnerabilities in DiCoM. An attacker can provide a malicious file to trigger these vulnerabilities.
* _TALOS-2025-2210_ (CVE-2025-53618 and CVE-2025-53619) can lead to an information leak.
* _TALOS-2025-2211_ (CVE-2025-52582) can lead to an information leak.
* _TALOS-2025-2214_ (CVE-2025-48429) can lead to leaking heap data.
## **Smallstep step-ca vulnerabilities**
_Discovered by Stephen Kubik of the Cisco Advanced Security Initiatives Group (ASIG)._
Smallstep step-ca is a TLS-secured online Certificate Authority (CA) for X.509 and SSH certificate management. _TALOS-2025-2242_ (CVE-2025-44005) is an authentication bypass vulnerability in step-ca. An attacker can bypass the authorization checks of a Step-CA ACME or SCEP provisioner and force it to issue certificates without completing certain protocol authorization steps.
Basic Information
ID: TALOSBLOG:FEFE6487342DB72D8EF8D3F45618004B
Published: Dec 17, 2025 at 21:02