CVE-2025-14672

7.3 HIGH

Published: December 14, 2025 Modified: December 15, 2025

Description

A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7_micro_client.cpp. Executing manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://gitee.com/gmg137/snap7-rs/issues/ID2H8E

Source: cna@vuldb.com

https://vuldb.com/?ctiid.336401

Source: cna@vuldb.com

https://vuldb.com/?id.336401

Source: cna@vuldb.com

3 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.3 / 10.0

EPSS (Exploit Probability)

0.0%

15th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119 CWE-122

Related CVEs

CVE-2025-52691 10.0

CVE-2025-15168 7.3

CVE-2025-15167 7.3

CVE-2025-15166 7.3

CVE-2025-15165 7.3