Description
RSA BSAFE Crypto-C Micro Edition versions from 4.0.0.0 before 4.0.5.4 and from 4.1.0 before 4.1.4, RSA BSAFE Micro Edition Suite versions from 4.0.0 before 4.0.13 and from 4.1.0 before 4.4, and RSA Crypto-C versions from 6.0.0 through 6.4.* are vulnerable to an out-of-bounds read when processing a DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system.
References (3)
Core References
Vendor Advisory
https://www.dell.com/support/kbdoc/000194054
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2140
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2141
Scores
CVSS v3
7.5
EPSS
0.0063
EPSS Percentile
70.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (3)
dell/bsafe_crypto-c
6.0.0 - 6.4
dell/bsafe_crypto-c-micro-edition
4.0.0 - 4.0.5.4
dell/bsafe_micro-edition-suite
4.0.0 - 4.0.13
Published
Sep 30, 2019
Tracked Since
Feb 18, 2026