CVE-2025-69419
Description
Issue summary: Calling the PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing a non-ASCII BMP code point can trigger a one-byte write before the allocated buffer.
Impact summary: The out-of-bounds write can cause memory corruption, which can have various consequences including a Denial of Service.
The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing a write outside the heap-allocated buffer.
The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application, and the attacker can only trigger a single zero-byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy.
The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.
OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.
OpenSSL 1.0.2 is not affected by this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A one-byte heap buffer underwrite in OpenSSL's PKCS#12 friendly name parsing via BMPString to UTF-8 conversion can cause memory corruption and denial of service.
Vulnerability
Overview
CVE-2025-69419 is a heap buffer underwrite vulnerability in OpenSSL's PKCS12_get_friendlyname() function. The root cause lies in the OPENSSL_uni2utf8() function, which converts a PKCS#12 BMPString (UTF-16BE) to UTF-8 in two passes. During the second pass, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. When UTF8_putc() returns -1, this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, resulting in a one-byte write before the allocated heap buffer [2].
Exploitation
The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that, according to the advisory, avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application. The attacker can trigger a single zero-byte write before the allocated buffer [2].
Impact
The out-of-bounds write can cause memory corruption, which can have various consequences including a Denial of Service (DoS). The advisory notes that due to the limited nature of the write (one zero byte before the buffer), the issue was assessed as Low severity according to OpenSSL's Security Policy [2].
Mitigation
OpenSSL versions 3.6, 3.5, 3.4, 3.3, 3.0, and 1.1.1 are vulnerable. OpenSSL 1.0.2 is not affected. The FIPS modules in 3.6, 3.5, 3.4, 3.3, and 3.0 are not affected, as the PKCS#12 implementation is outside the FIPS module boundary [2]. Patches are available in commits that add a check for the return value of UTF8_putc() and return an error if it fails [3][4]. Users should upgrade to fixed versions: OpenSSL 3.6.1, 3.5.5, 3.4.4, 3.3.7, 3.0.16, and 1.1.1zb [2].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
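To make the length accounting described in the Description and Overview concrete, here is an added C model (written for this page, not OpenSSL's code and not taken from the fix commits) that reproduces the second pass of the BMPString to UTF-8 conversion: a stand-in for UTF8_putc(), and a loop that forwards the remaining UTF-16 byte count as the destination capacity and adds the -1 result unchecked, beside the checked variant the Mitigation section describes. It only computes where the trailing NUL would land and encodes into a local scratch buffer, so nothing is written out of bounds; it also shows what happens for names longer than one character. The names utf8_putc_model(), nul_offset_model() and CONVERSION_REJECTED are assumptions of this example.

```c
#include <limits.h>
#include <stdint.h>

#define CONVERSION_REJECTED INT_MIN  /* checked variant refused the input */

/* Stand-in for UTF8_putc() (hypothetical, not OpenSSL's code): encode one BMP
 * code point into str, whose capacity is len; return the bytes needed, or -1
 * when they do not fit. Only cp <= U+FFFF is handled, as for a BMPString. */
static int utf8_putc_model(unsigned char *str, int len, uint32_t cp)
{
    int need = cp < 0x80 ? 1 : (cp < 0x800 ? 2 : 3);
    if (len < need)
        return -1;
    if (need == 1) {
        str[0] = (unsigned char)cp;
    } else if (need == 2) {
        str[0] = (unsigned char)(0xC0 | (cp >> 6));
        str[1] = (unsigned char)(0x80 | (cp & 0x3F));
    } else {
        str[0] = (unsigned char)(0xE0 | (cp >> 12));
        str[1] = (unsigned char)(0x80 | ((cp >> 6) & 0x3F));
        str[2] = (unsigned char)(0x80 | (cp & 0x3F));
    }
    return need;
}

/* Models the second (emitting) pass of the BMPString -> UTF-8 conversion and
 * returns the index at which the trailing NUL would be written.
 *   fixed == 0: the remaining UTF-16 byte count (capped at 4) is forwarded as
 *               the destination capacity and a -1 result is added unchecked,
 *               so the returned index can be negative.
 *   fixed == 1: a failed putc is reported as CONVERSION_REJECTED instead.
 * The encoded bytes go to a local scratch buffer; only the arithmetic is
 * reproduced, nothing is written out of bounds. */
static int nul_offset_model(const unsigned char *uni, int unilen, int fixed)
{
    unsigned char scratch[4];
    int i, j, ulen = 0;

    for (i = 0; i + 1 < unilen; i += 2) {
        int remaining = unilen - i;                   /* source bytes left */
        uint32_t cp = ((uint32_t)uni[i] << 8) | uni[i + 1];
        j = utf8_putc_model(scratch, remaining > 4 ? 4 : remaining, cp);
        if (j < 0 && fixed)
            return CONVERSION_REJECTED;
        ulen += j;                                    /* -1 is added when !fixed */
    }
    return ulen;                                      /* where '\0' lands */
}
```

In this model a one-character name such as U+20AC yields index -1 (the byte before the buffer), while a longer name ending in the same code point lands the NUL inside the buffer and merely truncates the output.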
Affected products
- (no CPE) range: 3.0-POST-CLANG-FORMAT-WEBKIT, 3.0-PRE-CLANG-FORMAT-WEBKIT, 3.3-POST-CLANG-FORMAT-WEBKIT, …
- (no CPE) range: <=3.6
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/openssl/openssl/commit/41be0f216404f14457bbf3b9cc488dba60b49296 (nvd: Patch)
- github.com/openssl/openssl/commit/7e9cac9832e4705b91987c2474ed06a37a93cecb (nvd: Patch)
- github.com/openssl/openssl/commit/a26a90d38edec3748566129d824e664b54bee2e2 (nvd: Patch)
- github.com/openssl/openssl/commit/cda12de3bc0e333ea8d2c6fd15001dbdaf280015 (nvd: Patch)
- github.com/openssl/openssl/commit/ff628933755075446bca8307e8417c14d164b535 (nvd: Patch)
- openssl-library.org/news/secadv/20260127.txt (nvd: Vendor Advisory)
- cert-portal.siemens.com/productcert/html/ssa-265688.html (nvd)
News mentions
No linked articles in our index yet.