CVE-2025-40914

9.8 CRITICAL

📋 TL;DR

CVE-2025-40914 is an integer overflow vulnerability in the libtommath library embedded in Perl's CryptX module. It could allow an attacker to execute arbitrary code or cause a denial of service. It affects systems that use CryptX versions before 0.087 for cryptographic operations. The vulnerability has the same underlying cause as CVE-2023-36328 in libtommath.

💻 Affected Systems

Products:
  • Perl CryptX
Versions: All versions before 0.087
Operating Systems: All operating systems running Perl with CryptX
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where CryptX is actually used for cryptographic operations. The vulnerability is in the embedded libtommath library within CryptX.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine whether your system is affected.

Why? The CVE database entry does not specify which versions are vulnerable (no version ranges were provided by the vendor or NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case

Denial of service through application crashes or memory corruption affecting cryptographic functionality.

🟢 If Mitigated

Limited impact with proper network segmentation, minimal attack surface, and updated dependencies.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires triggering the integer overflow in specific cryptographic operations. Technical details of the underlying libtommath vulnerability (CVE-2023-36328) are publicly known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: CryptX 0.087 and later

Vendor Advisory: https://github.com/advisories/GHSA-j3xv-6967-cv88

Restart Required: Yes

Instructions:

  1. Update CryptX to version 0.087 or later using CPAN: 'cpan CryptX'
  2. Restart any Perl applications or services using CryptX
  3. Verify the update with 'perl -MCryptX -e "print $CryptX::VERSION"'

🔧 Temporary Workarounds

Disable CryptX Usage

all

Temporarily disable or remove CryptX from applications if it is not critically needed.

cpan -u CryptX
perl -MCPAN -e 'CPAN::Shell->notest("uninstall", "CryptX")'

🧯 If You Can't Patch

  • Implement network segmentation to isolate systems using CryptX
  • Apply strict input validation and sanitization for all data passed to CryptX functions

🔍 How to Verify

Check if Vulnerable:

Check CryptX version with: perl -MCryptX -e "print $CryptX::VERSION"

Check Version:

perl -MCryptX -e "print $CryptX::VERSION"

Verify Fix Applied:

Verify that the installed version is 0.087 or higher and that cryptographic operations function normally.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with memory corruption errors
  • Unexpected termination of Perl processes using cryptography

Network Indicators:

  • Unusual network traffic to/from systems running Perl applications

SIEM Query:

source="*perl*" AND ("segmentation fault" OR "memory corruption" OR "CryptX")
