{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-66215", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-11-24T23:01:29.678Z", "datePublished": "2026-03-30T17:06:16.996Z", "dateUpdated": "2026-03-30T17:06:16.996Z"}, "containers": {"cna": {"title": "OpenSC: Stack-buffer-overflow WRITE in card-oberthur", "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "lang": "en", "description": "CWE-121: Stack-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2"}, {"name": "https://github.com/OpenSC/OpenSC/pull/3436", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSC/OpenSC/pull/3436"}, {"name": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d"}, {"name": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215"}], "affected": [{"vendor": "OpenSC", "product": "OpenSC", "versions": [{"version": "< 0.27.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-30T17:06:16.996Z"}, "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}], "source": {"advisory": "GHSA-q5fc-cw56-hwp2", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}], "id": "CVE-2025-66215", "lastModified": "2026-03-30T18:16:18.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.4, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-30T18:16:18.350", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d"}, {"source": "security-advisories@github.com", "url": "https://github.com/OpenSC/OpenSC/pull/3436"}, {"source": "security-advisories@github.com", "url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2"}, {"source": "security-advisories@github.com", "url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "OpenSC: OpenSC: Stack-buffer-overflow with physical access via crafted smart card or USB device", "id": "2453119", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453119"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.8", "cvss3_scoring_vector": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-120", "details": ["A flaw was found in OpenSC, an open-source smart card tool and middleware. An attacker with physical access to the computer can exploit this vulnerability when a user or administrator uses a smart card token. By presenting a specially crafted USB device or smart card, the attacker can trigger a stack-buffer-overflow, which may lead to information disclosure, data corruption, or denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-66215", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-30T17:06:16Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-66215\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-66215\nhttps://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d\nhttps://github.com/OpenSC/OpenSC/pull/3436\nhttps://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2\nhttps://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215"], "threat_severity": "Low"}

{"analysis": {"en": {"generated_at": "2026-03-30T18:50:30.814616+00:00", "value": {"mitigation_remediation": ["Upgrade OpenSC to version 0.27.0 or later."], "summary": {"action": "Update Software", "impact": "Stack buffer overflow in smart card handling may lead to memory corruption"}, "threat_synthesis": {"affected_systems": "All versions of OpenSC prior to 0.27.0 are affected. The problem exists on any system running OpenSC that accepts smart card or USB token input, including typical Windows, Linux, and macOS environments, and requires an attacker with physical access to the computer when a user or administrator operates a token.", "description_and_impact": "OpenSC contains a stack\u2011buffer\u2011overflow write vulnerability in the card\u2011oberthur module that can be triggered by specially crafted responses from a USB device or smart card. This flaw, identified as CWE\u2011121, allows an attacker to corrupt the stack and potentially change program behaviour or cause a crash, compromising the integrity or availability of the middleware.", "risk_and_exploitability": "The CVSS score of 3.8 reflects moderate severity. No EPSS score is available and the flaw is not listed in CISA\u2019s KEV catalog. Exploitation requires physical access to the target machine and the ability to supply a crafted device, making the attack vector local and dependent on a user or administrator interacting with a token. In practice, the risk is limited to environments where tokens are used at possibly unsecured workstations."}}}}, "created": "2026-03-30T20:55:24.463313+00:00", "updated": "2026-03-30T20:55:24.463342+00:00", "vendors": []}