CVE-2025-56207
BaseFortify
Publication date: 2025-09-30
Last updated on: 2025-10-02
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| monekon | moneymakingopportunity | * |
| ethereum | erc721 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1259 | The System-On-A-Chip (SoC) implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens are improperly protected. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a security flaw in the '_transfer' function of the Money Making Opportunity (MMO) smart contract, an Ethereum ERC721 NFT project. It allows users or attackers to transfer NFTs to the zero address, which is an invalid destination. This results in the permanent loss of those NFT assets and causes the contract to not comply with the ERC721 standard.
How can this vulnerability impact me? :
The vulnerability can lead to permanent loss of NFTs if they are transferred to the zero address. This means that affected users could lose ownership and access to their digital assets irreversibly. Additionally, the smart contract's non-compliance with the ERC721 standard may affect interoperability and trustworthiness of the NFT project.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability causes non-compliance with the ERC721 standard for NFTs. However, there is no information provided about its impact on compliance with common data protection or privacy regulations such as GDPR or HIPAA.