CVE-2025-0751

Summary

A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
AxiomaticBento41.0affected
AxiomaticBento41.1affected
AxiomaticBento41.2affected
AxiomaticBento41.3affected
AxiomaticBento41.4affected
AxiomaticBento41.5affected
AxiomaticBento41.6affected

Weaknesses

  • CWE-122: Heap-based Buffer Overflow
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References