{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-66215", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-11-24T23:01:29.678Z", "datePublished": "2026-03-30T17:06:16.996Z", "dateUpdated": "2026-03-31T18:53:46.404Z"}, "containers": {"cna": {"title": "OpenSC: Stack-buffer-overflow WRITE in card-oberthur", "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "lang": "en", "description": "CWE-121: Stack-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2"}, {"name": "https://github.com/OpenSC/OpenSC/pull/3436", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSC/OpenSC/pull/3436"}, {"name": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d"}, {"name": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215"}], "affected": [{"vendor": "OpenSC", "product": "OpenSC", "versions": [{"version": "< 0.27.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-30T17:06:16.996Z"}, "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}], "source": {"advisory": "GHSA-q5fc-cw56-hwp2", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T18:50:36.530890Z", "id": "CVE-2025-66215", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T18:53:46.404Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "OpenSC: Stack-buffer-overflow WRITE in card-oberthur", "source": {"advisory": "GHSA-q5fc-cw56-hwp2", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "PHYSICAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "OpenSC", "product": "OpenSC", "versions": [{"status": "affected", "version": "< 0.27.0"}]}], "references": [{"url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2", "name": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OpenSC/OpenSC/pull/3436", "name": "https://github.com/OpenSC/OpenSC/pull/3436", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d", "name": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215", "name": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-30T17:06:16.996Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-66215", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T18:50:36.530890Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-31T18:50:37.583Z"}}]}, "cveMetadata": {"cveId": "CVE-2025-66215", "state": "PUBLISHED", "dateUpdated": "2026-03-30T17:06:16.996Z", "dateReserved": "2025-11-24T23:01:29.678Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-30T17:06:16.996Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*", "matchCriteriaId": "D890677F-5379-4587-B8E7-D38B02AD525A", "versionEndExcluding": "0.27.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0."}, {"lang": "es", "value": "OpenSC es herramientas y middleware de c\u00f3digo abierto para tarjetas inteligentes. Antes de la versi\u00f3n 0.27.0, un atacante con acceso f\u00edsico al ordenador en el momento en que el usuario o el administrador utiliza un token puede causar una escritura de desbordamiento de b\u00fafer de pila en card-oberthur. El ataque requiere un dispositivo USB o tarjeta inteligente especialmente dise\u00f1ado que presentar\u00eda al sistema respuestas especialmente dise\u00f1adas a las APDU. Este problema ha sido parcheado en la versi\u00f3n 0.27.0."}], "id": "CVE-2025-66215", "lastModified": "2026-04-01T17:28:49.457", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.4, "impactScore": 3.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-30T18:16:18.350", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/OpenSC/OpenSC/pull/3436"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "OpenSC: OpenSC: Stack-buffer-overflow with physical access via crafted smart card or USB device", "id": "2453119", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453119"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.8", "cvss3_scoring_vector": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-120", "details": ["A flaw was found in OpenSC, an open-source smart card tool and middleware. An attacker with physical access to the computer can exploit this vulnerability when a user or administrator uses a smart card token. By presenting a specially crafted USB device or smart card, the attacker can trigger a stack-buffer-overflow, which may lead to information disclosure, data corruption, or denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-66215", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "opensc", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-30T17:06:16Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-66215\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-66215\nhttps://github.com/OpenSC/OpenSC/commit/efd1d479832141bcf705c2f47655ada4d5f92f5d\nhttps://github.com/OpenSC/OpenSC/pull/3436\nhttps://github.com/OpenSC/OpenSC/security/advisories/GHSA-q5fc-cw56-hwp2\nhttps://github.com/OpenSC/OpenSC/wiki/CVE-2025-66215"], "threat_severity": "Low"}

{"analysis": {"en": {"generated_at": "2026-03-31T05:25:59.690229+00:00", "value": {"mitigation_remediation": ["Upgrade OpenSC to version 0.27.0 or later."], "summary": {"action": "Immediate Patch", "impact": "Stack Buffer Overflow (memory corruption)"}, "threat_synthesis": {"affected_systems": "All systems running OpenSC prior to version 0.27.0 are affected. The issue applies to users and administrators who use a smart card or USB device with the OpenSC utilities, regardless of operating system, as the vulnerable code is part of the shared OpenSC library.", "description_and_impact": "A stack-buffer-overflow write in the card-oberthur component of OpenSC can corrupt memory, potentially allowing an attacker to execute arbitrary code or compromise system integrity. The vulnerability arises when crafted responses are received from a USB device or smart card, triggering the overflow. This results in erroneous memory writes that can lead to unpredictable program behavior or a system crash.", "risk_and_exploitability": "The CVSS v3.1 score is 3.8, indicating a low severity overall. Exploitation requires physical access to the target machine and the use of a specially crafted USB device or smart card that sends malformed APDUs to OpenSC. Because the exploit is local and depends on device tampering, the likelihood of mass widespread exploitation is limited, and the vulnerability is not listed in the CISA KEV catalog. However, any insider or attacker with physical access could use this flaw to compromise the affected system."}}}}, "created": "2026-03-30T20:55:24.463313+00:00", "updated": "2026-03-31T20:00:12.726670+00:00", "vendors": []}