CVE-2025-14672
Unknown Unknown - Not Provided
Heap-Based Buffer Overflow in snap7-rs TSnap7MicroClient (Remote Exploit

Publication date: 2025-12-14

Last updated on: 2026-04-29

Assigner: VulDB

Description
A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7_micro_client.cpp. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-14
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-14
EPSS Evaluated
2026-06-14
NVD
CVE-2025-14672
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
gmg137 snap7-rs 1.142.1
gmg137 snap7-rs 1.142.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a heap-based buffer overflow in the snap7-rs library (versions up to 1.142.1), specifically in the function TSnap7MicroClient::opWriteArea in the s7_micro_client.cpp file. It occurs because the method accepts an unchecked size parameter, leading to a memcpy operation that copies more data than the allocated buffer size, causing memory corruption on the heap. This flaw can be triggered remotely without authentication, potentially allowing attackers to exploit the overflow. [1, 2]

Impact Analysis

The heap-based buffer overflow can compromise the confidentiality, integrity, and availability of the affected system. Since the vulnerability can be exploited remotely without authentication, attackers may execute arbitrary code, cause crashes, or disrupt service, leading to potential system compromise or denial of service. [2]

Detection Guidance

Detection of this vulnerability involves monitoring for abnormal or unexpected calls to the vulnerable function TSnap7MicroClient::opWriteArea or the snap7-rs library's ct_write method with unusually large size parameters that could trigger a heap buffer overflow. Since the exploit involves sending crafted input remotely, network traffic analysis for suspicious packets targeting snap7-rs services may help. Additionally, fuzz testing or running the provided proof-of-concept exploit in a controlled environment can help detect if the system is vulnerable. Specific commands are not provided in the resources, but using debugging tools like AddressSanitizer (ASan) during testing or monitoring logs for crashes related to memcpy in s7_micro_client.cpp could be useful. [1, 2]

Mitigation Strategies

Immediate mitigation steps include replacing or upgrading the affected snap7-rs library versions (up to 1.142.1) with a non-vulnerable version or an alternative product, as no known mitigations or patches are currently available. Restricting network access to the vulnerable service to trusted sources and monitoring for exploit attempts can reduce risk. Applying network-level protections such as firewalls or intrusion detection systems to block suspicious traffic targeting the snap7-rs service is also recommended. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14672. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart