CVE-2025-3377 is a buffer overflow vulnerability identified in PCMan FTP Server version 2.0.7, specifically within the processing of the ENC Command Handler component. A buffer overflow occurs when more data is written to a buffer than it can hold, potentially allowing an attacker to overwrite adjacent memory, which can lead to arbitrary code execution, crashes, or other unpredictable behavior. This vulnerability is exploitable remotely without requiring authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The vulnerability affects the confidentiality, integrity, and availability of the affected system, though the CVSS score of 6.9 categorizes it as medium severity. The lack of authentication and user interaction requirements increases the risk of exploitation. However, the CVSS vector also indicates low impact on confidentiality, integrity, and availability individually (VC:L/VI:L/VA:L), suggesting that while the vulnerability can be exploited remotely, the extent of damage may be limited or requires additional conditions. No public exploit is currently known to be in the wild, and no patches or mitigations have been explicitly linked in the provided data. The vulnerability was publicly disclosed on April 7, 2025, and affects only version 2.0.7 of PCMan FTP Server. Given the nature of FTP servers as critical infrastructure for file transfer, exploitation could lead to unauthorized access or denial of service, impacting business operations relying on this service.

For European organizations, the impact of this vulnerability could be significant depending on the deployment of PCMan FTP Server 2.0.7 within their infrastructure. FTP servers often handle sensitive file transfers, and a successful exploit could allow attackers to execute arbitrary code remotely, potentially leading to data breaches, system compromise, or service disruption. This could affect confidentiality if sensitive files are accessed or exfiltrated, integrity if files are altered, and availability if the server crashes or is taken offline. Organizations in sectors such as finance, healthcare, manufacturing, and government, which rely on FTP for data exchange, could face operational disruptions and regulatory compliance issues under GDPR if personal data is compromised. The medium severity rating suggests that while the vulnerability is serious, it may require specific conditions or additional vulnerabilities to be fully exploited. However, the absence of required authentication and user interaction increases the risk profile. The lack of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, especially as public disclosure may lead to the development of exploits.

1. Immediate mitigation should include disabling the ENC Command Handler functionality if possible or restricting access to the FTP server to trusted networks only via firewall rules to reduce exposure. 2. Monitor network traffic for unusual activity targeting the FTP server, especially commands related to the ENC handler. 3. Implement network segmentation to isolate FTP servers from critical systems to limit lateral movement in case of compromise. 4. Since no official patch links are provided, organizations should contact PCMan or monitor vendor channels for patches or updates addressing this vulnerability and apply them promptly once available. 5. Employ intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics capable of detecting buffer overflow attempts against FTP services. 6. Conduct regular security assessments and penetration tests focusing on FTP services to identify and remediate vulnerabilities proactively. 7. Consider migrating to more secure file transfer protocols such as SFTP or FTPS if feasible, reducing reliance on vulnerable FTP implementations.