VYPR
High severity · 7.8 · NVD Advisory · Published Jul 10, 2025 · Updated May 12, 2026

CVE-2025-7425

Description

A flaw was found in libxslt where the attribute type (atype) flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2025-7425 is a high-severity heap corruption vulnerability in libxslt, triggered by improper cleanup of ID attributes during XSLT tree fragment processing.

Vulnerability Overview

CVE-2025-7425 is a heap corruption flaw in libxslt, the C library implementing XSLT transformations. The root cause is an improper modification of the attribute type (atype) flags during processing. When XSLT functions such as key() generate tree fragments, the corrupted flags prevent the correct cleanup of ID attributes. This leads to memory corruption and a use-after-free condition [1][2].

Exploitation

The vulnerability can be exploited by providing a crafted XSLT stylesheet or XML input that triggers the key() function or similar operations producing tree fragments. No authentication is required if the attacker can deliver the malicious payload to an application using libxslt. Successful exploitation requires the target application to process untrusted XSLT files, a common scenario in web browsers, document processors, or industrial automation systems that parse XSLT [3][4].

Impact

An attacker exploiting this vulnerability could cause a denial of service via application crash or potentially achieve arbitrary code execution through controlled heap corruption. The CVSS v3 base score of 7.8 (High) reflects the high impact on confidentiality, integrity, and availability [1].

Mitigation

Red Hat has released a security advisory (RHSA-2025:13312) addressing this flaw in Red Hat Enterprise Linux [4]. Siemens has also listed this CVE in advisories SSA-265688 and SSA-082556, affecting SIMATIC S7-1500 products, and SSA-032379 for the SIMATIC CN 4100 [1][2][3]. Users should apply available patches or updates from their vendors. No workarounds are mentioned in the public advisories.

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0. No patches discovered yet.

References: 43

News mentions: 2