CVE-2025-14673
Unknown Unknown - Not Provided

Heap-Based Buffer Overflow in snap7-rs S7Client Allows Remote Exploit

Vulnerability report for CVE-2025-14673, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-14

Last updated on: 2026-04-29

Assigner: VulDB

Description

A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-14
Last Modified
2026-04-29
Generated
2026-07-06
AI Q&A
2025-12-14
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
gmg137 snap7-rs 1.142.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-14673 is a critical heap-based buffer overflow vulnerability in the snap7-rs Rust client library, specifically in the function snap7_rs::client::S7Client::as_ct_write. The issue arises because unsafe Rust code incorrectly converts Rust fat pointers (which include data pointer and length) to raw void pointers for Foreign Function Interface (FFI) calls without validating that the size parameter matches the actual buffer length. This mismatch leads to out-of-bounds memory access during a memcpy operation in native C++ code, causing a heap buffer overflow and potential memory corruption. [1]

Impact Analysis

This vulnerability can be exploited remotely without authentication, allowing attackers to cause a heap-based buffer overflow. This can lead to memory corruption, potentially compromising the confidentiality, integrity, and availability of affected systems. Since the snap7-rs client library is used for communication with Siemens S7 PLCs in industrial automation, exploitation could disrupt industrial control systems or cause unexpected behavior in critical infrastructure. [2]

Detection Guidance

Detection of CVE-2025-14673 involves monitoring for crashes or abnormal behavior in applications using the snap7-rs library, especially those invoking the as_ct_write function. Since the vulnerability is a heap-based buffer overflow triggered by malformed input, fuzz testing with tools like AddressSanitizer can help identify the issue. There are no specific network detection commands provided, but monitoring for unusual memory errors or crashes in the snap7-rs client is advised. Using fuzzing tools or running the provided proof-of-concept exploit in a controlled environment can help detect the vulnerability. [1, 2]

Mitigation Strategies

Immediate mitigation steps include replacing or updating the affected snap7-rs library to a version that fixes the vulnerability once available. Since no known mitigations or countermeasures are currently identified, avoiding use of the vulnerable function as_ct_write or limiting exposure of systems using this library to untrusted networks can reduce risk. Monitoring for updates from the vendor or community and applying patches promptly is critical. If possible, restrict remote access to systems using snap7-rs to prevent exploitation. [2]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14673. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart