What is CVE-2025-68973?

A high-severity vulnerability in GnuPG can lead to out-of-bounds writes, allowing potential exploitation through crafted input. Organizations must prioritize patching to mitigate risks.

What is the severity of CVE-2025-68973?

CVE-2025-68973 has a severity rating of HIGH with a CVSS base score of 7.8.

CVE-2025-68973 | High Vulnerability in GnuPG

In GnuPG versions prior to 2.4.9, the armor_filter function in g10/armor.c contains a flaw where two increments of an index variable occur instead of one. This vulnerability allows for an out-of-bounds write when processing specially crafted input. Given the potential for exploitation, this vulnerability is classified as high severity with a CVSS score of 7.8.

Risk to organizations includes the possibility of memory corruption, which could lead to unauthorized access or compromise of system integrity. As of now, there are no known exploits publicly available for this vulnerability, and it has not been added to the KEV catalog.

Organizations should prioritize patching immediately. The fixed versions are 2.4.9 and above for standard releases and 2.2.51 and later for Extended LTS.

The urgency for remediation is high, as the out-of-bounds write can lead to significant security risks.

Vulnerability Details

The vulnerability description states: In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

This vulnerability is categorized under CWE-675 (Access of Memory Location Before Start of Buffer) and CWE-787 (Out-of-bounds Write).

The CVSS score is 7.8, classified as high severity. The attack vector is local, requiring low privileges and no user interaction. The potential impacts on confidentiality and integrity are high, while availability is not affected.

Technical Analysis

The root cause of this vulnerability lies within a coding error where the index variable is incremented twice. This can lead to writing data outside the intended bounds, resulting in memory corruption. The attack vector is local, meaning that the attacker must have access to the system to exploit this vulnerability.

The complexity of the attack is rated high, and no special privileges are required to exploit it. User interaction is not necessary, further increasing the risk. The potential impacts are significant, with high confidentiality and integrity impacts.

Risk & Impact Analysis

Organizations using GnuPG should be aware that this vulnerability could be exploited by an attacker with local access to the system. If successfully exploited, an attacker could potentially gain unauthorized access to sensitive data or manipulate the integrity of data.

Given the nature of this vulnerability, organizations must assess their deployment of GnuPG and the potential blast radius should an exploit occur. The CVSS score indicates that this vulnerability is critical enough to warrant immediate attention within patch cycles.

Organizations should prioritize patching immediately.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of GnuPG prior to 2.4.9 are affected. For Extended LTS versions, 2.2.51 and later are fixed versions.

Mitigation & Remediation

To mitigate this vulnerability, organizations should upgrade to GnuPG version 2.4.9 or later. If using an Extended LTS version, upgrading to 2.2.51 or later is necessary. If a patch is not immediately available, organizations should consider implementing additional network controls and configuration hardening measures.

For those looking to validate their security posture, continuous security testing is recommended to identify potential vulnerabilities before they can be exploited.

Detection Guidance

Organizations should monitor logs for any anomalies that may indicate exploitation attempts. Additionally, they should track any unusual behavior in systems running the vulnerable version of GnuPG.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability should not be underestimated. It represents a broader trend of software vulnerabilities that can lead to serious security incidents. Security teams must remain vigilant and proactive in their defensive strategies.

For further insights, organizations can explore our penetration testing services to help identify similar weaknesses.

By understanding the implications of vulnerabilities such as CVE-2025-68973, organizations can better prepare their defenses and reduce the overall risk profile.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-68973: High Vulnerability in GnuPG