CVE-2025-7616
BaseFortify
Publication date: 2025-07-14
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gmg137 | snap7-rs | 1.142.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7616 is a critical memory corruption vulnerability in the gmg137 snap7-rs library (up to version 1.142.1). It occurs in the Public API component's function pthread_cond_destroy, where improper handling leads to memory corruption by allowing read or write operations outside the intended memory buffer boundaries. This causes segmentation faults during the destruction of S7Partner objects, due to unsafe destruction or double destruction of pthread condition variables in the native C++ code. The vulnerability can be triggered by fuzzed inputs and results in crashes and potential exploitation. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by causing memory corruption that affects the confidentiality, integrity, and availability of the affected system. Exploiting this flaw can lead to crashes (segmentation faults) and potentially allow attackers to execute arbitrary code or disrupt normal operations. Since the exploit is publicly available and easy to use, systems using the vulnerable snap7-rs library are at risk of compromise or denial of service. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by reproducing the crash using the provided Rust driver program that exercises the S7Partner API functions (create, start_to, stop) with fuzzed input data. Running the program with AddressSanitizer (ASan) enabled will reveal segmentation faults caused by the vulnerability. To detect it, compile the snap7-rs crate with ASan enabled using Rust nightly and Clang 15, set environment variables for sanitization and debugging symbols, and run the program with ASan symbolizer and backtrace enabled. Specific commands include building with ASan and running the Rust test driver with fuzzed inputs to observe crashes during pthread_cond_destroy calls. The PoC and crash input files are available at the referenced GitHub repository. [2]
What immediate steps should I take to mitigate this vulnerability?
No specific mitigation or countermeasures are currently available for this vulnerability. It is suggested to consider replacing the affected snap7-rs library version (up to 1.142.1) with an alternative or updated version once a fix is released. Until then, avoid using the vulnerable versions to prevent exploitation. Monitoring for updates or patches from the maintainers is recommended. [1]