CVE-2025-49010
Stack Buffer Overflow in OpenSC Smart Card Middleware
Publication date: 2026-03-30
Last updated on: 2026-04-01
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opensc_project | opensc | before 0.27.0 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2025-49010 is a stack-buffer-overflow vulnerability in the OpenSC project's libopensc package affecting versions prior to 0.27.0. It occurs during the WRITE operation in the GET RESPONSE command when a specially crafted USB device or smart card sends manipulated APDU responses. This causes the OpenSC driver to write beyond the bounds of the buffer, leading to a buffer overflow.
The root cause is improper handling of zero-length APDU responses, where functions prematurely return without correctly adjusting the data length, resulting in out-of-bounds writes. Exploitation requires physical access and a crafted device or card, making the attack complex.
How can this vulnerability impact me?
This vulnerability can lead to a stack buffer overflow, which may have a partial impact on the confidentiality, integrity, and availability of the system using OpenSC. However, the overall severity is low because exploitation requires physical access, high attack complexity, and user interaction.
- Potential unauthorized data manipulation or leakage due to buffer overflow.
- Possible disruption or crash of OpenSC services handling smart card communication.
- No known workarounds; patching to version 0.27.0 or later is required to mitigate the issue.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability requires physical access and exploitation via a specially crafted USB device or smart card that sends manipulated APDU responses. Detection involves identifying the use of vulnerable OpenSC versions (prior to 0.27.0) and monitoring for unusual or unexpected APDU GET RESPONSE commands that could trigger the buffer overflow.
Since the vulnerability is triggered by crafted APDU responses, direct detection on a network or system using standard commands is not straightforward. There are no specific commands provided to detect exploitation attempts.
A practical approach is to check the installed OpenSC version with a command such as:
- opensc-tool --version
If the version is earlier than 0.27.0, the system is vulnerable. Additionally, monitoring logs for errors related to smart card communication or buffer overflows might help detect exploitation attempts.
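The version check above, as an added example that is not part of the original page or of OpenSC's own tooling: a shell helper that extracts a release number from a version banner and compares it numerically against the fixed release 0.27.0. The function names and sample banners are constructed, and the banner layout is an assumption about what the version query prints.

```shell
#!/bin/sh
# Added example: classify an OpenSC version banner against the fixed release.
FIXED_VERSION="0.27.0"   # first patched release, per the advisory above

# Print the first dotted release number (N.N or N.N.N) found in the text.
# Assumption: the banner contains the release in that form; suffixes such as
# distribution revisions are ignored.
extract_version() {
    printf '%s\n' "$1" | grep -Eo '[0-9]+(\.[0-9]+){1,2}' | head -n 1
}

# Return 0 when version $1 is strictly lower than version $2.
# Components are compared as numbers, so 0.9.6 sorts below 0.27.0
# (a plain string comparison would get that wrong).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if ((x[i] + 0) < (y[i] + 0)) exit 0
            if ((x[i] + 0) > (y[i] + 0)) exit 1
        }
        exit 1   # equal versions are not "lower"
    }'
}

# Print "vulnerable (X)", "fixed (X)" or "unknown" for one banner string.
classify_opensc() {
    ver=$(extract_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
    elif version_lt "$ver" "$FIXED_VERSION"; then
        echo "vulnerable ($ver)"
    else
        echo "fixed ($ver)"
    fi
}

# On a live host, pass the real tool output instead of a sample:
#   classify_opensc "$(opensc-tool --version 2>/dev/null)"

# Constructed sample banners, not captured from real systems.
for banner in "OpenSC-0.26.1" "OpenSC 0.9.6" "0.27.0" "command not found"; do
    printf '%-20s -> %s\n' "$banner" "$(classify_opensc "$banner")"
done
```

A distribution package can carry a backported fix under an older upstream version number, so a "vulnerable" result should be confirmed against the vendor's own advisory.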
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade OpenSC to version 0.27.0 or later, where this vulnerability has been patched.
Since exploitation requires physical access and a specially crafted USB device or smart card, restricting physical access to systems using OpenSC tools can reduce risk.
No workarounds are available, so patching is the only effective mitigation.