CVE-2025-56207
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-30

Last updated on: 2025-10-02

Assigner: MITRE

Description
A security flaw in the '_transfer' function of a smart contract implementation for Money Making Opportunity (MMO), an Ethereum ERC721 Non-Fungible Token (NFT) project, allows users or attackers to transfer NFTs to the zero address, leading to permanent asset loss and non-compliance with the ERC721 standard. The eth address is 0x41d3d86a84c8507a7bc14f2491ec4d188fa944e7, contract name is MoneyMakingOpportunity, and compiler version is v0.8.17+commit.8df45f5f.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-30
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-09-30
EPSS Evaluated
2026-06-15
NVD
CVE-2025-56207
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
monekon moneymakingopportunity *
ethereum erc721 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1259 The System-On-A-Chip (SoC) implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens are improperly protected.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a security flaw in the '_transfer' function of the Money Making Opportunity (MMO) smart contract, an Ethereum ERC721 NFT project. It allows users or attackers to transfer NFTs to the zero address, which is an invalid destination. This results in the permanent loss of those NFT assets and causes the contract to not comply with the ERC721 standard.

Impact Analysis

The vulnerability can lead to permanent loss of NFTs if they are transferred to the zero address. This means that affected users could lose ownership and access to their digital assets irreversibly. Additionally, the smart contract's non-compliance with the ERC721 standard may affect interoperability and trustworthiness of the NFT project.

Compliance Impact

The vulnerability causes non-compliance with the ERC721 standard for NFTs. However, there is no information provided about its impact on compliance with common data protection or privacy regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-56207. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart