CVE-2025-15467: Critical OpenSSL RCE and DoS Vulnerability Overview
TL;DR
- A critical OpenSSL vulnerability, CVE-2025-15467, has been disclosed, impacting OpenSSL 3.x versions. This flaw allows pre-authentication remote code execution and denial of service due to a stack buffer overflow when parsing malformed encrypted messages. Immediate patching is crucial for any infrastructure processing S/MIME email or untrusted CMS content, as the vulnerability has a CVSS score of 9.8 and low attack complexity.
Critical OpenSSL Vulnerability: CVE-2025-15467 Enables Pre-Auth Remote Code Execution
A critical vulnerability, CVE-2025-15467 (CVSS 9.8), was disclosed on January 27, 2026, affecting OpenSSL versions 3.0, 3.3, 3.4, 3.5, and 3.6. An attacker can exploit a stack buffer overflow by sending a malformed encrypted message. This overflow occurs before OpenSSL validates the message, so the attacker needs no encryption keys or authentication. If your infrastructure processes S/MIME email or untrusted CMS content, immediate patching is crucial.
Vulnerability Summary
The OpenSSL CMS module parses encrypted messages. When handling AEAD ciphers like AES-GCM, it extracts an Initialization Vector (IV). OpenSSL expects this IV to be 12-16 bytes and allocates a 16-byte buffer on the stack. The vulnerability lies in OpenSSL's failure to validate the message’s claimed IV length before copying it. An oversized IV can overflow the buffer, corrupting adjacent memory, leading to application crashes or potential remote code execution.
Why This Vulnerability Matters
This vulnerability is particularly dangerous due to:
- Pre-authentication exploitation: The overflow happens during initial parsing, before any cryptographic verification.
- Low attack complexity: CVSS rates this as 9.8 with low attack complexity and no privileges required.
- Wide deployment: OpenSSL 3.x is used in numerous mail servers, web servers, and embedded systems.
The attack surface includes any service parsing external CMS or PKCS#7 content. SOC Prime’s Platform offers real-time detection intelligence and detection rules for such vulnerabilities.
Technical Deep Dive
The vulnerable function is evp_cipher_get_asn1_aead_params() in crypto/evp/evp_lib.c, according to JFrog Security Research.

The vulnerable code path involves:
- Application calling CMS_decrypt() to process a message.
- OpenSSL parsing the structure and identifying AEAD encryption.
- Extracting the IV from ASN.1-encoded parameters.
- Copying the IV to a 16-byte stack buffer without length validation.
- An oversized IV overflowing into adjacent stack memory.
The fix involves validating that the IV length ≤ EVP_MAX_IV_LENGTH before copying.
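A simplified model of that length check, as an added example (not OpenSSL's code and not from the original article). The names extract_iv, struct aead_params and MODEL_MAX_IV_LEN are hypothetical, and the input is a bare DER OCTET STRING rather than a full CMS structure.

```c
#include <stdio.h>
#include <string.h>

#define MODEL_MAX_IV_LEN 16  /* models the page's 16-byte buffer (EVP_MAX_IV_LENGTH) */

struct aead_params {         /* hypothetical stand-in for the parsed parameters */
    unsigned char iv[MODEL_MAX_IV_LEN];
    size_t iv_len;
};

/* Copy the contents of one DER OCTET STRING (tag 0x04) into out->iv.
 * Returns 1 on success, 0 if the encoding is malformed or the IV is too long. */
int extract_iv(const unsigned char *in, size_t in_len, struct aead_params *out)
{
    size_t len, hdr = 2;

    if (in == NULL || out == NULL || in_len < 2 || in[0] != 0x04)
        return 0;
    if (in[1] < 0x80) {
        len = in[1];                       /* short-form length */
    } else if (in[1] == 0x81 && in_len >= 3 && in[2] >= 0x80) {
        len = in[2];                       /* long form, one length byte */
        hdr = 3;
    } else {
        return 0;                          /* anything longer cannot be an IV */
    }
    if (len > in_len - hdr)                /* claimed length exceeds the input */
        return 0;
    if (len > MODEL_MAX_IV_LEN)            /* the bound the fix enforces */
        return 0;
    memcpy(out->iv, in + hdr, len);        /* len <= sizeof(out->iv) here */
    out->iv_len = len;
    return 1;
}

/* Constructed inputs: a 12-byte IV and one that claims 17 bytes. */
static const unsigned char IV_OK[14]  = { 0x04, 12, 1,2,3,4,5,6,7,8,9,10,11,12 };
static const unsigned char IV_BIG[19] = { 0x04, 17 };   /* rest zero-filled */

int main(void)
{
    struct aead_params p;
    printf("12-byte IV accepted: %d\n", extract_iv(IV_OK, sizeof IV_OK, &p));
    printf("17-byte IV accepted: %d\n", extract_iv(IV_BIG, sizeof IV_BIG, &p));
    return 0;
}
```

The copy is safe only because both checks run before memcpy: the first ties the claimed length to the bytes actually present, the second ties it to the destination buffer.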
Potential Impact
The vulnerability guarantees denial of service due to process crashes. Remote code execution is possible, depending on platform mitigations. Red Hat notes that their Enterprise Linux builds include stack protections that mitigate code execution risks, but denial of service remains possible. Ubuntu's security team states that compiler hardening would reduce a stack buffer overflow to a denial of service only. Systems lacking modern protections face a higher RCE risk.
Affected Versions and Remediation
The following OpenSSL versions are affected:
| Vulnerable | Fixed |
|---|---|
| 3.6.0 | 3.6.1 |
| 3.5.0 – 3.5.4 | 3.5.5 |
| 3.4.0 – 3.4.3 | 3.4.4 |
| 3.3.0 – 3.3.5 | 3.3.6 |
| 3.0.0 – 3.0.18 | 3.0.19 |
OpenSSL versions 1.1.1 and 1.0.2 are not affected. FIPS modules are also unaffected. OpenSSL 3.1 (EOL March 2025) and 3.2 (EOL November 2025) likely contain this vulnerability but will not receive patches.
Threat Landscape
Currently:
- No public PoC is available.
- The vulnerability is not listed in the CISA KEV.
- There are no confirmed reports of active exploitation.
Given the detailed technical information available, attackers are likely to weaponize this vulnerability quickly.
Discovery
CVE-2025-15467 was one of 12 vulnerabilities discovered by AISLE, using AI-driven vulnerability discovery.
Identifying Vulnerable Assets
Identifying assets running vulnerable OpenSSL versions and understanding their exposure context is critical.
Practical Implications and Mitigation Strategies
The vulnerability is triggered when parsing CMS AuthEnvelopedData, commonly used in S/MIME and PKCS#7 workflows. Environments that parse untrusted CMS AuthEnvelopedData or verify MACs on untrusted PKCS#12 files are at higher risk. This includes S/MIME email clients, email security gateways, certificate import/export services, PKI/CA tooling, and applications that accept uploaded CMS or PKCS#12 files.
Rank systems by message parsing exposure, not just package presence, to prioritize remediation efforts.
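The affected-versions table and the advice to rank by exposure, combined in an added example (not from the original article). classify and priority are hypothetical helpers, the 0-3 priority scale is an assumption, and the inventory in main is constructed.

```c
#include <stdio.h>

enum status { NOT_AFFECTED, PATCHED, VULNERABLE, EOL_LIKELY_VULNERABLE, UNKNOWN };

/* First fixed patch level of each affected branch, from the table above. */
static const struct { int major, minor, fixed; } BRANCHES[] = {
    {3, 6, 1}, {3, 5, 5}, {3, 4, 4}, {3, 3, 6}, {3, 0, 19},
};

/* Classify an upstream version string such as "3.5.2" or "1.1.1w". */
enum status classify(const char *ver)
{
    int major, minor, patch;
    size_t i;

    if (ver == NULL || sscanf(ver, "%d.%d.%d", &major, &minor, &patch) != 3)
        return UNKNOWN;
    if (major == 1 && ((minor == 1 && patch == 1) || (minor == 0 && patch == 2)))
        return NOT_AFFECTED;               /* 1.1.1 and 1.0.2 */
    if (major == 3 && (minor == 1 || minor == 2))
        return EOL_LIKELY_VULNERABLE;      /* 3.1 and 3.2: no patch coming */
    for (i = 0; i < sizeof BRANCHES / sizeof BRANCHES[0]; i++)
        if (major == BRANCHES[i].major && minor == BRANCHES[i].minor)
            return patch < BRANCHES[i].fixed ? VULNERABLE : PATCHED;
    return UNKNOWN;                        /* branch not covered by the page */
}

/* Assumed scale: 3 = patch first, 2 = patch, 1 = identify version, 0 = no action. */
int priority(const char *ver, int parses_untrusted_cms)
{
    enum status s = classify(ver);

    if (s == VULNERABLE || s == EOL_LIKELY_VULNERABLE)
        return parses_untrusted_cms ? 3 : 2;
    return s == UNKNOWN ? 1 : 0;
}

int main(void)
{
    /* Constructed inventory: host, OpenSSL version, parses untrusted CMS? */
    static const struct { const char *host, *ver; int cms; } inv[] = {
        {"mail-gw", "3.0.13", 1}, {"build-01", "3.5.4", 0},
        {"pki-ca", "3.2.1", 1}, {"web-03", "3.4.4", 1}, {"legacy", "1.1.1w", 1},
    };
    for (size_t i = 0; i < sizeof inv / sizeof inv[0]; i++)
        printf("%-8s %-7s priority %d\n", inv[i].host, inv[i].ver, priority(inv[i].ver, inv[i].cms));
    return 0;
}
```

Distribution packages often backport fixes without changing the upstream version string, so a VULNERABLE result on a vendor build should be confirmed against that vendor's advisory.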
Reproducing the Vulnerability
The denial-of-service aspect of the vulnerability can be reproduced using the openssl cms -decrypt command against a specially crafted PEM file. Datadog provides an example of this, demonstrating a stack-smashing termination.
Gopher Security's AI-Powered Zero-Trust Solution
Gopher Security specializes in AI-powered, post-quantum Zero-Trust cybersecurity architecture. Our platform converges networking and security across devices, apps, and environments using peer-to-peer encrypted tunnels and quantum-resistant cryptography. We provide solutions that ensure robust protection against vulnerabilities like CVE-2025-15467, combining network and security across endpoints, private networks, cloud environments, and remote access.
By leveraging Gopher Security's AI-driven vulnerability detection and post-quantum encryption, organizations can proactively identify and mitigate risks associated with OpenSSL and other critical software components. Our Zero-Trust architecture ensures that all access is verified, regardless of location or device, minimizing the attack surface and preventing unauthorized access.
Explore Gopher Security's services or contact us to learn how we can help you protect your organization against the latest cyber threats.