CVE-2025-55298

7.5 HIGH

📋 TL;DR

A format string vulnerability in ImageMagick's InterpretImageFilename function lets an attacker who controls a filename overwrite arbitrary memory: the unsanitized filename is handed to FormatLocaleString as the format string rather than as data. The result can be a heap overflow or remote code execution. Any deployment running an unfixed ImageMagick is affected.

💻 Affected Systems

Products:
  • ImageMagick
  • Magick.NET
  • Any software using vulnerable ImageMagick libraries
Versions: ImageMagick 6.x prior to 6.9.13-28 and 7.x prior to 7.1.2-2
Operating Systems: All operating systems running vulnerable ImageMagick versions
Default Config Vulnerable: ⚠️ Yes
Notes: Any application that lets untrusted input reach a filename ImageMagick expands (for example, an uploaded file's original name reused as an input or output path, or a user-chosen export name) is exposed. The bug is in filename handling, not in a particular image coder.

📦 What is this software?

ImageMagick is an open-source suite for creating, converting and editing raster images, used both as command-line tools (convert, magick, mogrify, identify) and as a library embedded in web applications and language bindings such as Magick.NET.
⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the privileges of the ImageMagick process, potentially leading to full system compromise.

🟠

Likely Case

Denial of service through application crashes or limited memory corruption leading to data leakage.

🟢

If Mitigated

Minimal impact if proper input validation and sandboxing are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires getting attacker-controlled '%' sequences into a filename that ImageMagick expands, for example an upload's original name reused as an output path. The trigger is the filename string itself; the image contents do not need to be malformed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: ImageMagick 6.9.13-28 and 7.1.2-2

Vendor Advisory: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9ccg-6pjw-x645

Restart Required: Yes

Instructions:

1. Update ImageMagick to version 6.9.13-28 (6.x line) or 7.1.2-2 (7.x line) using your package manager.
2. Restart any services using ImageMagick; long-running processes keep the old library mapped until they are restarted.
3. For Magick.NET, update to version 14.8.1 or later.

🔧 Temporary Workarounds

Restrict coders via policy.xml (defense in depth only)

all

The bug lives in filename expansion (InterpretImageFilename), not in any image coder, so a coder policy does not stop the format string from being processed. Restricting coders still shrinks what an attacker can reach after triggering it and is worth doing on hosts that cannot patch immediately.

Edit /etc/ImageMagick-6/policy.xml or /etc/ImageMagick-7/policy.xml
Add <policy domain="coder" rights="none" pattern="*" /> to block all formats, then add explicit read/write policies for the formats the application actually needs; a blanket block on its own makes ImageMagick unusable.

Sandbox ImageMagick processes

linux

Run ImageMagick in a container or with reduced privileges. The aim is to bound what code execution inside the process can do: no network, no extra capabilities, no privilege escalation, and no writable filesystem beyond the output directory.

docker run --rm --network none --cap-drop ALL --security-opt no-new-privileges imagename
Add a seccomp or AppArmor profile on top; both reduce the kernel surface reachable from a compromised process.

🧯 If You Can't Patch

  • Never let user input become a filename passed to ImageMagick: generate server-side names (for example, a random token plus a vetted extension) and keep the original name only as metadata. Where a user-influenced name is unavoidable, reject anything containing '%' before it reaches ImageMagick.
  • Isolate ImageMagick processing to dedicated, non-privileged systems with network restrictions.
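The two measures above (refusing attacker-influenced filenames, then running the conversion with reduced privileges, as in the sandboxing workaround) combined into one wrapper. This is an added example, not ImageMagick's code or anything from the advisory; the container image name "imagemagick-sandbox", the /srv/uploads and /srv/converted directories and the /work layout are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not ImageMagick's code or the advisory's: a conversion wrapper that
# (1) refuses filenames through which an attacker could feed '%' sequences to
# InterpretImageFilename and (2) runs the conversion in a locked-down container.
# Assumptions for illustration: a local image called "imagemagick-sandbox" that has
# `magick` on its PATH, uploads under $IN_DIR, results under $OUT_DIR.
IN_DIR=${IN_DIR:-/srv/uploads}
OUT_DIR=${OUT_DIR:-/srv/converted}

# safe_image_name NAME -> 0 if NAME may be handed to ImageMagick, 1 otherwise.
# An allow-list is stricter than merely blocking '%': it also keeps out path
# separators, a leading '-' (parsed as an option) or '@' (argument file), hidden
# and ".." names, spaces and control characters.
safe_image_name() {
    name=$1
    [ -n "$name" ] && [ "${#name}" -le 128 ] || return 1
    case "$name" in
        *%*)               return 1 ;;   # CVE-2025-55298: '%' starts a filename directive
        -*|@*|.*)          return 1 ;;
        *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# run CMD... -> executes CMD, or prints it one argument per line when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$@"; else "$@"; fi
}

# sandboxed_convert IN OUT -> converts $IN_DIR/IN to $OUT_DIR/OUT. The "png:" prefix
# fixes the output coder so the extension cannot select it. The container gets no
# network, no capabilities, no privilege escalation, a read-only root, an
# unprivileged uid, and a bounded process count and memory.
sandboxed_convert() {
    in=$1; out=$2
    if ! safe_image_name "$in" || ! safe_image_name "$out"; then
        echo "sandboxed_convert: rejected filename" >&2
        return 1
    fi
    run docker run --rm \
        --network none \
        --read-only --tmpfs /tmp:rw,noexec,nosuid,size=64m \
        --cap-drop ALL --security-opt no-new-privileges \
        --user 65534:65534 --pids-limit 64 --memory 512m \
        -v "$IN_DIR:/work/in:ro" -v "$OUT_DIR:/work/out" \
        imagemagick-sandbox \
        magick "/work/in/$in" "png:/work/out/$out"
}

# Demo: print the command instead of running it. Drop the DRY_RUN line for real use.
DRY_RUN=1
sandboxed_convert cat.jpg cat.png
```

The validation is deliberately an allow-list rather than a '%' blocklist: the format string is the bug at hand, but a leading '-' or '@' and path separators are the next things an attacker reaches for once a filename is under their control. $OUT_DIR must be writable by uid 65534 for the container to save its result.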

🔍 How to Verify

Check if Vulnerable:

Run 'convert --version' or 'magick --version' and check whether the reported version is below 6.9.13-28 (6.x line) or 7.1.2-2 (7.x line). Check both binaries where both exist, since some hosts carry ImageMagick 6 as 'convert' next to ImageMagick 7 as 'magick'. Distributions that backport fixes without raising the upstream version string need a check of the package changelog instead.

Check Version:

convert --version 2>/dev/null || magick --version 2>/dev/null

Verify Fix Applied:

Confirm version is 6.9.13-28 or higher for ImageMagick 6, or 7.1.2-2 or higher for ImageMagick 7.
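The version comparison from the three steps above as a script. This is an added example, not a tool from ImageMagick or the advisory; it assumes the first line of --version output has the form "Version: ImageMagick X.Y.Z-R ..." (true for both the 6.x and 7.x lines) and takes the fixed releases 6.9.13-28 and 7.1.2-2 from the advisory.

```shell
#!/bin/sh
# Added example (not ImageMagick's or the advisory's): decide whether an ImageMagick
# version string is below the fixed release for its major line. The fixed versions
# 6.9.13-28 and 7.1.2-2 are from the advisory; everything else here is illustrative.

# im_parse_version TEXT -> prints "major minor patch release", or nothing if TEXT
# carries no ImageMagick version. TEXT is the first line of `magick --version` or
# `convert --version`, which looks like this (constructed sample):
#   Version: ImageMagick 7.1.1-47 Q16-HDRI x86_64 22763 https://imagemagick.org
im_parse_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*ImageMagick \([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\)-\([0-9][0-9]*\).*/\1 \2 \3 \4/p' |
        head -n 1
}

# im_version_lt "A B C D" "W X Y Z" -> 0 if the first tuple is strictly lower.
im_version_lt() {
    set -- $1 $2                       # $1..$4 = left tuple, $5..$8 = right tuple
    for pair in "$1 $5" "$2 $6" "$3 $7" "$4 $8"; do
        set -- $pair
        [ "$1" -lt "$2" ] && return 0
        [ "$1" -gt "$2" ] && return 1
    done
    return 1                           # equal
}

# im_is_vulnerable TEXT -> 0 vulnerable, 1 fixed, 2 unparseable or unknown major line.
im_is_vulnerable() {
    v=$(im_parse_version "$1")
    [ -n "$v" ] || return 2
    case "$v" in
        "6 "*) im_version_lt "$v" "6 9 13 28" ;;
        "7 "*) im_version_lt "$v" "7 1 2 2" ;;
        *)     return 2 ;;
    esac
}

# im_check_installed -> runs each binary found on PATH and prints a verdict.
# Returns 0 if any binary is vulnerable, 1 if all found are fixed, 2 if none parsed.
im_check_installed() {
    worst=2
    for bin in magick convert; do
        command -v "$bin" >/dev/null 2>&1 || continue
        first=$("$bin" --version 2>/dev/null | head -n 1)
        rc=0; im_is_vulnerable "$first" || rc=$?
        case $rc in
            0) echo "$bin: VULNERABLE to CVE-2025-55298: $first" ;;
            1) echo "$bin: fixed: $first" ;;
            *) echo "$bin: could not parse version: $first" ;;
        esac
        [ "$rc" -lt "$worst" ] && worst=$rc
    done
    [ "$worst" -eq 2 ] && echo "no ImageMagick binary found or parsed"
    return $worst
}

# Stand-alone use: the return code is the machine-readable verdict; the trailing
# "|| :" keeps this file usable as a sourced library under set -e.
im_check_installed || :
```

The script reports each binary separately because 'convert' and 'magick' can belong to different ImageMagick installations on the same host. It says nothing about distribution packages that carry the fix under an older version string; for those, consult the package changelog.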

📡 Detection & Monitoring

Log Indicators:

  • ImageMagick process crashes with segmentation faults
  • Unusual filename patterns in image processing logs

Network Indicators:

  • Unexpected outbound connections from image processing servers

SIEM Query:

(process_name:"convert" OR process_name:"magick") AND (event_type:crash OR command_line:*%*%*)

The parentheses matter: without them, most query languages bind AND tighter than OR and the crash clause would apply only to "magick". Legitimate batch jobs that number frames with %d-style patterns also match the command-line clause, so tune the query to the hosts and job names you expect.

🔗 References

  • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9ccg-6pjw-x645
  • https://nvd.nist.gov/vuln/detail/CVE-2025-55298