A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of tcpreplay 4.5.1. When a crafted pcap file is processed, the program mishandles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible denial of service. This vulnerability is classified as high severity with a CVSS score of 7.5.
Organizations are at risk because this vulnerability allows attackers to exploit the tcpreplay utility over a network, with a low attack complexity and no required privileges. The impact on availability is high, which could disrupt services.
Given the potential for denial of service, organizations should prioritize patching immediately. The urgency is underscored by the fact that the exploit is known and could be leveraged by attackers.
As of now, the vulnerability is listed as actively exploitable, and organizations should remain vigilant and assess their systems for this vulnerability.
Vulnerability Details
The official CVE description states that there is a heap-buffer-overflow vulnerability in the tcpliveplay utility of tcpreplay 4.5.1. The issue arises when a crafted pcap file is processed, leading to improper memory handling in the checksum calculation logic. The CVSS score for this vulnerability is 7.5, indicating a high severity level. The affected product is tcpreplay by Broadcom, and the vulnerability has a CWE classification of CWE-122.
Technical Analysis
The root cause of this vulnerability is a heap-buffer-overflow that occurs in the checksum calculation logic. The attack vector is via the network, allowing remote attackers to exploit the vulnerability without requiring any privileges or user interaction. The attack complexity is low, which means that the exploit can be executed easily.
The impact on confidentiality and integrity is none; however, the availability impact is high, which suggests that successful exploitation could lead to service outages. Organizations using tcpreplay should review their configurations and monitor for any unusual activity.
Risk & Impact Analysis
Risk to organizations includes potential service disruption due to the denial of service resulting from this vulnerability. The ease of exploitation emphasizes the need for immediate remediation, given that the exploitability score is rated high. Organizations should assess their risk exposure and implement necessary patches as part of their security protocols.
The blast radius of this vulnerability could affect any systems utilizing the tcpreplay utility, making it crucial for organizations to prioritize addressing this issue. Given the current threat landscape, it is imperative to monitor for any indicators of compromise associated with this vulnerability.
Exploitation Status
| Signal | Status |
|---|---|
| Known Exploit | Yes |
| Public PoC | Yes |
| Actively Exploited | No |
| Ransomware Use | No |
Affected Versions
The affected version for this vulnerability is tcpreplay version 4.5.1. Organizations should ensure they have applied the necessary patches to mitigate this vulnerability.
Mitigation & Remediation
Organizations should prioritize applying patches to tcpreplay version 4.5.1 to remediate this vulnerability. Additionally, consider implementing workarounds such as configuring network controls and enhancing monitoring to detect potential exploitation attempts.
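One workaround in the spirit of the controls above is to screen untrusted pcap files before they are handed to tcpliveplay. The following is an added example, not code from the tcpreplay project or from this advisory. The page does not say which field of the crafted file triggers the overflow, so the length-consistency checks and the names check_frame, screen_pcap and SAMPLE are assumptions: general input hygiene for replay tools, not a signature for this specific bug.

```python
import struct

MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # classic pcap magic -> byte order

def check_frame(frame):
    """Return a reason if an Ethernet/IPv4/TCP frame has inconsistent lengths, else None."""
    if len(frame) < 14:
        return "truncated Ethernet header"
    if frame[12:14] != b"\x08\x00":
        return None  # not IPv4: outside the scope of this check
    ip = frame[14:]
    if len(ip) < 20:
        return "truncated IPv4 header"
    ihl, total_len = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(ip):
        return "IPv4 lengths inconsistent with captured bytes"
    if ip[9] == 6:  # TCP: the header and its data offset must fit inside the IP payload
        doff = (ip[ihl + 12] >> 4) * 4 if total_len - ihl >= 20 else 0
        if doff < 20 or ihl + doff > total_len:
            return "TCP header truncated or data offset outside the IP payload"
    return None

def screen_pcap(data):
    """Return [(record_number, reason)] for records to reject before replay."""
    order = MAGICS.get(data[:4])
    if order is None or len(data) < 24:
        return [(0, "not a classic pcap file")]
    linktype = struct.unpack(order + "I", data[20:24])[0]
    findings, pos, number = [], 24, 0
    while pos < len(data):
        number += 1
        header = data[pos:pos + 16]
        incl_len = struct.unpack(order + "I", header[8:12])[0] if len(header) == 16 else None
        pos += 16
        if incl_len is None or incl_len > len(data) - pos:
            findings.append((number, "record header or captured length runs past end of file"))
            break
        reason = check_frame(data[pos:pos + incl_len]) if linktype == 1 else None
        if reason:
            findings.append((number, reason))
        pos += incl_len
    return findings

# Constructed sample: one Ethernet/IPv4/TCP record whose IPv4 total length (1024) exceeds the 54 captured bytes.
_ip = bytes([0x45, 0]) + struct.pack("!H", 1024) + bytes(5) + bytes([6]) + bytes(10)
_frame = bytes(12) + b"\x08\x00" + _ip + bytes([0] * 12 + [0x50] + [0] * 7)
SAMPLE = (b"\xd4\xc3\xb2\xa1" + struct.pack("<HHiIII", 2, 4, 0, 0, 65535, 1)
          + struct.pack("<IIII", 0, 0, len(_frame), len(_frame)) + _frame)
```

An empty list from screen_pcap means every Ethernet/IPv4/TCP record passed the length checks; it does not replace upgrading the affected tcpreplay build.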
For further guidance, organizations may refer to resources such as penetration testing services to validate their security posture.
Detection Guidance
To detect exploitation attempts, organizations should monitor logs for unusual behavior associated with tcpreplay. Indicators may include unexpected process behavior or unusual network traffic patterns.
AppSecure Threat Intelligence Insight
This vulnerability highlights the importance of rigorous testing in software development. As vulnerabilities like this emerge, organizations must remain vigilant and enhance their security measures to protect against potential risks.
Engaging in regular security assessments and employing effective application security assessments can help identify similar weaknesses.
Additionally, organizations should consider following best practices for secure coding and vulnerability management to mitigate the risk posed by such threats.
For strategic insights, organizations can refer to the penetration testing methodology blog for detailed guidance.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
