CVE-2025-11624 LOW

CVE-2025-11624: Buffer overwrite when processing file handles with the SFTP server

Vendor Wolfssh
Product wolfSSH
Weakness CWE-787
Published October 21, 2025
Last update October 21, 2025

CVSS base score

1.8/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:L

What the vulnerability does

01 Description

A potential stack buffer overwrite can occur on the SFTP server side when it receives a malicious packet whose handle size is larger than the system handle or file descriptor size, but smaller than the maximum handle size allowed.

Key dates

02 Disclosure timeline

October 21, 2025 CVE published
October 21, 2025 Record updated