CVE-2025-0696

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 27, 2025

CWE ID 476

Summary

CVE-2025-0696 is a NULL Pointer Dereference vulnerability affecting Cesanta Frozen versions below 1.7. An attacker can exploit this issue by providing a maliciously crafted JSON input, leading to a crash of the embedded component. Successful exploitation could result in denial-of-service attacks or potentially more severe consequences. System administrators are advised to update their Cesanta Frozen installations to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Cesanta Frozen

Affected Vendors

Cesanta Software Limited

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2v-ZyW
https://www.cve.org/CVERecord?id=CVE-2025-0696
https://nvd.nist.gov/vuln/detail/CVE-2025-0696

Back to Vulnerability Database