Main Vulnerability Database Vulnerabilities #VU109657

Expected behavior violation in OpenSSL - CVE-2025-4575

Published: May 22, 2025

Vulnerability identifier: #VU109657

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-4575

CWE-ID: CWE-440

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: OpenSSL Software Foundation

Affected software:
OpenSSL

Detailed vulnerability description

The vulnerability may allow an attacker to gain unauthorized access to the application.

The vulnerability exists due to an error in code related to usage of the "-addreject" option to reject certain x509 certificates. If the option is used, the certificated will be added as trusted instead of rejecting it.

How to mitigate CVE-2025-4575

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources

https://openssl-library.org/news/secadv/20250522.txt

Expected behavior violation in OpenSSL - CVE-2025-4575

Detailed vulnerability description

How to mitigate CVE-2025-4575

Sources

Please verify you're human