CVE-2025-49010
Received Received - Intake
Stack Buffer Overflow in OpenSC Smart Card Middleware

Publication date: 2026-03-30

Last updated on: 2026-04-01

Assigner: GitHub, Inc.

Description
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-30
Last Modified
2026-04-01
Generated
2026-06-16
AI Q&A
2026-03-31
EPSS Evaluated
2026-06-15
NVD
CVE-2025-49010
EUVD
EUVD-2025-209124
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
opensc_project opensc to 0.27.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2025-49010 is a stack-buffer-overflow vulnerability in the OpenSC project's libopensc package affecting versions prior to 0.27.0. It occurs during the WRITE operation in the GET RESPONSE command when a specially crafted USB device or smart card sends manipulated APDU responses. This causes the OpenSC driver to write beyond the bounds of the buffer, leading to a buffer overflow.

The root cause is improper handling of zero-length APDU responses, where functions prematurely return without correctly adjusting the data length, resulting in out-of-bounds writes. Exploitation requires physical access and a crafted device or card, making the attack complex.

Impact Analysis

This vulnerability can lead to a stack-buffer-overflow which may cause partial impacts on confidentiality, integrity, and availability of the system using OpenSC. However, the overall severity is low due to the requirement of physical access, high attack complexity, and user interaction.

  • Potential unauthorized data manipulation or leakage due to buffer overflow.
  • Possible disruption or crash of OpenSC services handling smart card communication.
  • No known workarounds; patching to version 0.27.0 or later is required to mitigate the issue.
Detection Guidance

This vulnerability requires physical access and exploitation via a specially crafted USB device or smart card that sends manipulated APDU responses. Detection involves identifying the use of vulnerable OpenSC versions (prior to 0.27.0) and monitoring for unusual or unexpected APDU GET RESPONSE commands that could trigger the buffer overflow.

Since the vulnerability is triggered by crafted APDU responses, direct detection on a network or system using standard commands is not straightforward. There are no specific commands provided to detect exploitation attempts.

A practical approach is to check the installed OpenSC version with a command such as:

  • opensc-tool --version

If the version is earlier than 0.27.0, the system is vulnerable. Additionally, monitoring logs for errors related to smart card communication or buffer overflows might help detect exploitation attempts.

Mitigation Strategies

The primary mitigation step is to upgrade OpenSC to version 0.27.0 or later, where this vulnerability has been patched.

Since exploitation requires physical access and a specially crafted USB device or smart card, restricting physical access to systems using OpenSC tools can reduce risk.

No workarounds are available, so patching is the only effective mitigation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-49010. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart