CVE-2025-14934
Stack-based Buffer Overflow in NetCDF-C Enables Remote Code Execution
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: Zero Day Initiative
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nsf | unidata_netcdf-c | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in NSF Unidata NetCDF-C that occurs when parsing variable names. It happens because the software does not properly check the length of user-supplied data before copying it into a fixed-length buffer on the stack. An attacker can exploit this by tricking a user into visiting a malicious webpage or opening a malicious file, which then allows the attacker to execute arbitrary code with the same privileges as the current user. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker to execute arbitrary code on your system with the privileges of the current user. This can lead to unauthorized access, data modification, or disruption of services, impacting confidentiality, integrity, and availability of your system. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid opening untrusted NetCDF files or visiting untrusted webpages that may trigger the vulnerability. Ensure that users are aware not to interact with suspicious files or links. Additionally, apply any available patches or updates from the vendor for NSF Unidata NetCDF-C to fix the buffer overflow issue. [1]