CVE-2025-65405 – This vulnerability allows attackers to cause a ... (How to Fix)

Q: What is the severity of CVE-2025-65405?

CVE-2025-65405 has a CVSS score of 6.5 (MEDIUM). This vulnerability allows attackers to cause a Denial of Service (DoS) by exploiting a use-after-free bug in Live555's ADTS/AAC file parsing. Attackers can crash the media streaming service by supplying a specially crafted audio file. This affects systems running Live555 Streaming Media software for audio/video streaming.

📋 TL;DR

This vulnerability allows attackers to cause a Denial of Service (DoS) by exploiting a use-after-free bug in Live555's ADTS/AAC file parsing. Attackers can crash the media streaming service by supplying a specially crafted audio file. This affects systems running Live555 Streaming Media software for audio/video streaming.

💻 Affected Systems

Products:

Live555 Streaming Media

Versions: v2018.09.02 and potentially earlier versions

Operating Systems: Linux, Windows, macOS, Embedded systems

Default Config Vulnerable: ⚠️ Yes

Notes: Affects systems using Live555 for ADTS/AAC audio streaming; embedded devices and media servers are particularly vulnerable.

📦 What is this software?

Streaming Media by Live555

View all CVEs affecting Streaming Media →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of media streaming applications, potentially affecting multiple users or downstream services.

🟠

Likely Case

Application crash requiring restart, causing temporary service interruption for streaming clients.

🟢

If Mitigated

Limited impact with proper input validation and sandboxing, potentially only affecting isolated components.

🌐 Internet-Facing: MEDIUM - Exploitable via crafted media files, but requires specific file upload/processing scenarios.

🏢 Internal Only: LOW - Typically requires user interaction or specific file processing workflows.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting a malicious ADTS/AAC file; no authentication needed if file processing is exposed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: Not available

Restart Required: Yes

Instructions:

1. Monitor Live555 repository for security updates. 2. Apply patch when available. 3. Restart affected services after patching.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement strict validation of ADTS/AAC files before processing

# Implement file validation in application code before passing to Live555

Process Isolation

linux

Run Live555 in isolated containers or sandboxes to limit crash impact

docker run --security-opt=no-new-privileges -d live555-container

🧯 If You Can't Patch

Implement network segmentation to isolate Live555 services
Deploy WAF or reverse proxy with file type filtering for ADTS/AAC

🔍 How to Verify

Check if Vulnerable:

Check if using Live555 version 2018.09.02 or earlier with ADTS/AAC support enabled

Check Version:

Check application documentation or build information for Live555 version

Verify Fix Applied:

Test with known malicious ADTS/AAC files after applying updates

📡 Detection & Monitoring

Log Indicators:

Application crashes
Segmentation faults in Live555 processes
Unexpected process termination

Network Indicators:

Unusual ADTS/AAC file uploads
Streaming service interruptions

SIEM Query:

process_name:"live555" AND (event_type:crash OR exit_code:139)

📊 Metadata

CVE ID: CVE-2025-65405

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE: CWE-416

EPSS Score: 0.06% exploit probability (18.4th percentile)

Published: December 1, 2025

Last Updated: December 23, 2025

🔗 References

https://github.com/rgaufman/live555 Product
https://shimo.im/docs/25q5XMXpOwSr8w3D Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-65405, you might also want to check these: