{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-49010", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-05-29T16:34:07.176Z", "datePublished": "2026-03-30T16:59:25.810Z", "dateUpdated": "2026-03-30T18:38:21.684Z"}, "containers": {"cna": {"title": "OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE", "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "lang": "en", "description": "CWE-121: Stack-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5cf-5wmx-9wh4", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5cf-5wmx-9wh4"}, {"name": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-49010", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-49010"}], "affected": [{"vendor": "OpenSC", "product": "OpenSC", "versions": [{"version": "< 0.27.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-30T16:59:25.810Z"}, "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}], "source": {"advisory": "GHSA-q5cf-5wmx-9wh4", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T18:38:16.196764Z", "id": "CVE-2025-49010", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:38:21.684Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-49010", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-30T18:38:16.196764Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:38:18.555Z"}}], "cna": {"title": "OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE", "source": {"advisory": "GHSA-q5cf-5wmx-9wh4", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "PHYSICAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "OpenSC", "product": "OpenSC", "versions": [{"status": "affected", "version": "< 0.27.0"}]}], "references": [{"url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5cf-5wmx-9wh4", "name": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5cf-5wmx-9wh4", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-49010", "name": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-49010", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-30T16:59:25.810Z"}}}, "cveMetadata": {"cveId": "CVE-2025-49010", "state": "PUBLISHED", "dateUpdated": "2026-03-30T18:38:21.684Z", "dateReserved": "2025-05-29T16:34:07.176Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-30T16:59:25.810Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*", "matchCriteriaId": "D890677F-5379-4587-B8E7-D38B02AD525A", "versionEndExcluding": "0.27.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}, {"lang": "es", "value": "OpenSC es un conjunto de herramientas y middleware de c\u00f3digo abierto para tarjetas inteligentes. Antes de la versi\u00f3n 0.27.0, un atacante con acceso f\u00edsico al ordenador en el momento en que un usuario o administrador utiliza un token puede causar una escritura de desbordamiento de b\u00fafer de pila en GET RESPONSE. El ataque requiere un dispositivo USB manipulado o una tarjeta inteligente manipulada que presentar\u00eda al sistema respuestas especialmente dise\u00f1adas para las APDU. Este problema ha sido parcheado en la versi\u00f3n 0.27.0."}], "id": "CVE-2025-49010", "lastModified": "2026-04-01T18:01:59.100", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.4, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-30T18:16:16.950", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5cf-5wmx-9wh4"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-49010"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "OpenSC: OpenSC: Stack-buffer-overflow via crafted smart card or USB device responses", "id": "2453121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453121"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.8", "cvss3_scoring_vector": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-120", "details": ["A flaw was found in OpenSC, an open source smart card tools and middleware. An attacker with physical access to the computer, at the time a user or administrator uses a token, can exploit this vulnerability. By presenting specially crafted responses to Application Protocol Data Units (APDUs) from a malicious USB device or smart card, the attacker can cause a stack-buffer-overflow write. This memory corruption vulnerability could lead to unexpected behavior or system instability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-49010", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-30T16:59:25Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-49010\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-49010\nhttps://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5cf-5wmx-9wh4\nhttps://github.com/OpenSC/OpenSC/wiki/CVE-2025-49010"], "threat_severity": "Low"}

{"analysis": {"en": {"generated_at": "2026-03-31T05:26:38.476914+00:00", "value": {"mitigation_remediation": ["Upgrade OpenSC to version 0.27.0 or newer, which includes a patch for the stack\u2011buffer\u2011overflow.", "If upgrading is not immediately possible, restrict smart\u2011card reader access to trusted devices only, and avoid connecting unknown USB tokens to the host.", "Monitor system logs for abnormal GET RESPONSE activity, which may indicate attempted exploitation."], "summary": {"action": "Patch", "impact": "Stack buffer overflow"}, "threat_synthesis": {"affected_systems": "OpenSC prior to version 0.27.0 is affected. The vulnerability exists in the OpenSC open source smart\u2011card tooling and middleware, which is used on operating systems supporting smart card interfaces such as Linux, macOS, and Windows. Any system that uses OpenSC to interface with smart cards or USB tokens is potentially impacted unless upgraded.", "description_and_impact": "A stack-buffer-overflow occurs when the system processes a crafted response to a GET RESPONSE command. The overflow allows the attacker to overwrite adjacent memory, potentially corrupting program data or control flow. This defect can be exploited to alter the internal state of the OpenSC libraries, thereby compromising functional integrity of smart card operations.", "risk_and_exploitability": "The CVSS score of 3.8 classifies the vulnerability as low severity, yet the requirement for a crafted USB device or smart card and physical presence on the host limits exploitability to attackers who can physically access the machine. While the EPSS score is unavailable, the lack of listing in the CISA KEV catalog suggests no widespread exploitation. The attack vector is inferred to be physical, local and requires a maliciously constructed smart card or USB reader to trigger the buffer overflow."}}}}, "created": "2026-03-30T20:55:28.184353+00:00", "updated": "2026-03-31T20:00:14.711606+00:00", "vendors": []}