CVE-2025-10543: CWE-681 Incorrect Conversion between Numeric Types in Eclipse Foundation paho.mqtt.golang (Go MQTT v3.1 library)
Description
In the Eclipse Paho Go MQTT v3.1 library (paho.mqtt.golang), versions <=1.5.0, UTF-8 encoded strings passed into the library may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server (for example, part of an MQTT topic may leak into the message body in a PUBLISH packet). The issue arises because the length of the data passed in was converted from an int64/int32 (depending upon CPU) to an int16 without checks for overflows. The int16 length was then written, followed by the data (e.g. the topic). This meant that when the data was over 65535 bytes, the amount of data written exceeded what the length field indicated. This could produce a corrupt packet, or mean that the excess data leaks into another field (e.g. the topic leaks into the message body).
AI Analysis
Technical Summary
CVE-2025-10543 is a vulnerability identified in the Eclipse Foundation's paho.mqtt.golang library, specifically versions up to 1.5.0. The issue stems from an incorrect conversion between numeric types when handling UTF-8 encoded strings exceeding 65535 bytes in length. Internally, the library converts the length of the data from a larger integer type (int64 or int32 depending on CPU architecture) to a 16-bit integer (int16) without proper overflow checks. Since a 16-bit length field can only represent values up to 65535, any string longer than this causes the length field to wrap or truncate, leading to a mismatch between the declared length and the actual data size. This results in malformed MQTT packets where excess data can overflow into adjacent fields, such as the MQTT topic leaking into the message payload of a PUBLISH packet. The vulnerability falls under CWE-681 (Incorrect Conversion between Numeric Types) and CWE-197 (Numeric Truncation Error). Exploitation requires sending specially crafted MQTT messages with oversized UTF-8 strings to a server using the vulnerable library. The CVSS 4.0 base score is 6.3 (medium severity), reflecting a network attack vector, no privileges required, no user interaction, and low impact on confidentiality. Although no exploits are currently known in the wild, the flaw could be leveraged to disrupt MQTT communications, cause data leakage, or potentially facilitate further attacks by corrupting message integrity. This vulnerability is particularly relevant for IoT environments and messaging systems relying on the MQTT protocol as implemented by this Go library. No official patches are listed yet, so mitigation relies on input validation and monitoring.
Potential Impact
For European organizations, the impact of CVE-2025-10543 can be significant in sectors relying heavily on MQTT for IoT device communication, industrial automation, smart city infrastructure, and real-time telemetry. The vulnerability can lead to leakage of sensitive topic information into message payloads, potentially exposing confidential data or operational details. Packet corruption may disrupt message delivery, causing loss of data integrity and availability of critical services. This can affect manufacturing plants, energy grids, transportation systems, and healthcare devices that use MQTT for messaging. The medium severity rating indicates moderate risk, but the widespread use of MQTT in IoT ecosystems across Europe elevates the importance of addressing this flaw. Attackers could exploit this vulnerability remotely without authentication, increasing the attack surface. The lack of known exploits currently reduces immediate risk but does not eliminate the potential for future exploitation. Organizations may face operational disruptions, data confidentiality breaches, and compliance risks if unmitigated.
Mitigation Recommendations
1. Immediately audit all systems and applications using the paho.mqtt.golang library to identify versions <=1.5.0.
2. Apply patches or updates from the Eclipse Foundation as soon as they become available to fix the numeric conversion issue.
3. Implement strict input validation on MQTT message lengths at the application layer to reject or truncate UTF-8 strings exceeding 65535 bytes before passing them to the library.
4. Deploy network-level MQTT protocol anomaly detection and filtering to identify and block malformed packets that could exploit this vulnerability.
5. Use MQTT brokers and clients that enforce maximum topic and payload sizes consistent with protocol specifications to prevent oversized messages.
6. Monitor MQTT traffic logs for unusual patterns or errors indicating malformed packets or data leakage.
7. For critical environments, consider isolating MQTT communication networks and applying strict access controls to limit exposure.
8. Engage with vendors and open-source communities to track vulnerability disclosures and remediation status.
9. Conduct security testing and fuzzing of MQTT implementations to detect similar numeric conversion or truncation issues proactively.
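The following Go program is an added illustration of the fault pattern in the description above and of mitigation step 3 (validating string length before it reaches the library); it is constructed for this page and is not the paho.mqtt.golang code. It assumes the MQTT v3.1.1 wire format for UTF-8 strings (a 2-byte big-endian length prefix followed by the bytes) and a simplified PUBLISH body in which the encoded topic is immediately followed by the payload. All function names (encodeStringUnchecked, encodeStringChecked, declaredLength, splitPublish) and the sample topic are constructed for the example. It shows how a 65540-byte topic gets a length field that wraps to 4, so a receiver parses a 4-byte topic and finds the other 65536 topic bytes at the front of the payload, and how an explicit range check before the narrowing conversion rejects the input instead.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// MQTT v3.1.1 encodes UTF-8 strings as a 2-byte big-endian length prefix
// followed by the bytes, so 65535 is the largest representable length.
const maxMQTTStringLen = 65535

// encodeStringUnchecked mirrors the flawed pattern described in the advisory
// (constructed illustration, not the library's actual code): the Go int length
// is narrowed to a 16-bit field with no range check, and the full data is
// appended regardless of what the length field now claims.
func encodeStringUnchecked(s string) []byte {
	buf := make([]byte, 2, 2+len(s))
	binary.BigEndian.PutUint16(buf, uint16(len(s))) // silent wrap when len(s) > 65535
	return append(buf, s...)
}

// encodeStringChecked is the hardened form: validate the length before narrowing it.
func encodeStringChecked(s string) ([]byte, error) {
	if len(s) > maxMQTTStringLen {
		return nil, fmt.Errorf("string length %d exceeds MQTT limit of %d bytes", len(s), maxMQTTStringLen)
	}
	buf := make([]byte, 2, 2+len(s))
	binary.BigEndian.PutUint16(buf, uint16(len(s)))
	return append(buf, s...), nil
}

// declaredLength returns the length the 2-byte prefix claims.
func declaredLength(enc []byte) int {
	return int(binary.BigEndian.Uint16(enc))
}

// splitPublish does what a receiver does with the simplified PUBLISH body
// (encoded topic immediately followed by the payload): it trusts the length
// prefix to decide where the topic ends and the payload begins.
func splitPublish(body []byte) (topic string, payload []byte, err error) {
	if len(body) < 2 {
		return "", nil, errors.New("short buffer")
	}
	n := declaredLength(body)
	if len(body) < 2+n {
		return "", nil, errors.New("declared length exceeds buffer")
	}
	return string(body[2 : 2+n]), body[2+n:], nil
}

func main() {
	topic := strings.Repeat("a", 65540) // constructed oversized topic, 5 bytes past the limit
	payload := []byte("hello")

	// Vulnerable path: the length field wraps to 4, so the receiver sees a
	// 4-byte topic and the remaining 65536 topic bytes land in the payload.
	body := append(encodeStringUnchecked(topic), payload...)
	t, p, _ := splitPublish(body)
	fmt.Printf("declared topic length %d, parsed topic %q, payload %d bytes\n",
		declaredLength(body), t, len(p))

	// Hardened path: the oversized string is rejected before any bytes are written.
	if _, err := encodeStringChecked(topic); err != nil {
		fmt.Println("rejected:", err)
	}
}
```

The check in encodeStringChecked is the application-layer guard the mitigation list asks for: it runs on the Go int before the conversion to a 16-bit field, so the wrap can never occur, and it fails closed rather than silently truncating.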
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: eclipse
- Date Reserved: 2025-09-16T07:59:33.051Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 692ef09b5ae7112264d5b098
Added to database: 12/2/2025, 1:58:51 PM
Last enriched: 12/2/2025, 2:13:22 PM
Last updated: 1/16/2026, 10:12:43 PM