CVE-2025-1816

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Mar 2, 2025
Updated: Mar 3, 2025
CWE ID 404
CWE ID 401

Summary

CVE-2025-1816 is a newly disclosed vulnerability affecting FFmpeg versions up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. The issue lies in the function audio_element_obu in libavformat/iamf_parse.c, part of the IAMF File Handler component. Manipulating the argument 'num_parameters' results in a memory leak, and the issue can be exploited remotely. The exploit is publicly known, making this a significant security concern. The patch for this issue is identified by commit ID 0526535cd58444dd264e810b2f3348b4d96cff3b, and applying it is strongly recommended to mitigate the risk.
