CVE-2025-20887

Summary

CVE-2025-20887 is a newly identified vulnerability affecting libsthmbc.so before the SMR Jan-2025 Release 1. This issue involves an out-of-bounds read in accessing a table used for svp8t. Local attackers can exploit this vulnerability by manipulating inputs to read arbitrary memory. However, user interaction is required to trigger the vulnerability. This weakness poses a significant risk, as it allows attackers to gain unauthorized access to sensitive information on affected systems. Upgrading to the latest version of libsthmbc.so is recommended to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.