CVE-2025-13507
📋 TL;DR
This vulnerability in MongoDB Server allows oversized BSON documents to bypass initial size validation in time series processing, causing an assertion failure that terminates the server process. It affects MongoDB Server v7.0 before 7.0.26, v8.0 before 8.0.16, and v8.2 before 8.2.1. The issue can lead to denial of service through server crashes.
💻 Affected Systems
- MongoDB Server
📦 What is this software?
MongoDB by MongoDB
⚠️ Risk & Real-World Impact
Worst Case
Complete denial of service through server process termination, requiring manual restart and potentially causing data unavailability during the outage.
Likely Case
Intermittent server crashes when processing malformed time series data, leading to service disruption and potential data loss in transactions.
If Mitigated
Minimal impact with proper monitoring and automated restart mechanisms in place, though service interruptions may still occur.
🎯 Exploit Status
Exploitation requires ability to insert or modify time series data with oversized BSON documents; authenticated access typically needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v7.0.26, v8.0.16, v8.2.1
Vendor Advisory: https://jira.mongodb.org/browse/SERVER-108565
Restart Required: Yes
Instructions:
1. Download the patched version from the MongoDB website.
2. Stop the MongoDB service.
3. Back up data and configuration.
4. Install the patched version.
5. Restart the MongoDB service.
6. Verify the version with 'mongod --version'.
🔧 Temporary Workarounds
Disable time series collections
Temporarily disable or avoid using time series collections until patched
Implement input validation
Add application-level validation to prevent oversized BSON documents in time series data
🧯 If You Can't Patch
- Implement strict input validation at application layer to reject oversized BSON documents
- Deploy monitoring and automated restart mechanisms to minimize downtime from crashes
🔍 How to Verify
Check if Vulnerable:
Check the MongoDB version and whether time series collections are in use
Check Version:
mongod --version
Verify Fix Applied:
Confirm version is 7.0.26+, 8.0.16+, or 8.2.1+ and test time series operations
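To make the version check above mechanical, here is an added example (not from the advisory or from MongoDB) that parses `mongod --version` output and compares it against the fixed versions listed in this advisory. It assumes the output starts with a line of the form 'db version vX.Y.Z', and it reports branches the advisory does not list (for example 6.0) as "not listed" rather than guessing.

```python
import re

# Fixed versions per this advisory, keyed by release branch (major, minor).
FIXED_VERSIONS = {
    (7, 0): (7, 0, 26),
    (8, 0): (8, 0, 16),
    (8, 2): (8, 2, 1),
}


def parse_mongod_version(output: str) -> tuple:
    """Extract (major, minor, patch) from `mongod --version` output.

    Assumes the first line looks like 'db version v7.0.25'."""
    m = re.search(r"db version v(\d+)\.(\d+)\.(\d+)", output)
    if not m:
        raise ValueError("could not find 'db version vX.Y.Z' in output")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version: tuple):
    """True if the build is in an affected range for CVE-2025-13507,
    False if it is at or past the fixed version, None if the advisory
    does not list that release branch (assumption: treat as unknown)."""
    fixed = FIXED_VERSIONS.get(version[:2])
    if fixed is None:
        return None
    return version < fixed


def assess(output: str) -> str:
    """Turn raw `mongod --version` output into a status string."""
    status = is_vulnerable(parse_mongod_version(output))
    if status is None:
        return "not listed"
    return "vulnerable" if status else "fixed"


# Constructed sample output; in practice feed in the stdout of
# subprocess.run(["mongod", "--version"], capture_output=True, text=True).
SAMPLE_OUTPUT = "db version v7.0.25\nBuild Info: {...}\n"

if __name__ == "__main__":
    print(assess(SAMPLE_OUTPUT))
```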
📡 Detection & Monitoring
Log Indicators:
- Assertion failure messages in MongoDB logs
- Unexpected process termination logs
- Time series operation errors
Network Indicators:
- Sudden drop in MongoDB connections
- Failed time series queries
SIEM Query:
source="mongodb.log" AND ("assert" OR "terminated" OR "fatal")