CVE-2025-14932
Stack-based Buffer Overflow in NetCDF-C Allows Remote Code Execution
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: Zero Day Initiative
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nsf | unidata_netcdf-c | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in NSF Unidata NetCDF-C that occurs during the parsing of time units. It happens because the software does not properly validate the length of user-supplied data before copying it into a fixed-length buffer. An attacker can exploit this by tricking a user into visiting a malicious webpage or opening a malicious file, which then allows the attacker to execute arbitrary code with the current user's privileges. [1]
How can this vulnerability impact me?
If exploited, this vulnerability allows an attacker to execute arbitrary code on your system with the same privileges as the current user. This can lead to unauthorized actions such as data theft, system compromise, or further attacks within your environment. Exploitation requires user interaction, like visiting a malicious webpage or opening a malicious file. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid opening untrusted files or visiting untrusted webpages that could exploit the flaw. Apply any available patches or updates from the vendor for NSF Unidata NetCDF-C. Additionally, restrict user privileges to limit the impact of potential exploitation. [1]