CVE-2025-45587 is a high-severity vulnerability identified as a stack overflow in the FTP service component of the Audi UTR 2.0 Universal Traffic Recorder 2.0. This vulnerability arises due to improper handling of crafted input data sent to the FTP service, which leads to a stack-based buffer overflow condition (classified under CWE-121). Exploiting this flaw allows an unauthenticated remote attacker to cause a Denial of Service (DoS) by crashing the service or potentially destabilizing the device. The vulnerability has a CVSS v3.1 base score of 7.0, indicating a high severity level. The attack vector is network-based (AV:N), requires high attack complexity (AC:H), no privileges (PR:N), and no user interaction (UI:N). The impact affects availability significantly (A:H), with limited impact on confidentiality and integrity (C:L, I:L). No known exploits are currently reported in the wild, and no patches have been published yet. The affected versions are unspecified, which suggests either the vulnerability affects all versions or that version details are not yet disclosed. The Audi UTR 2.0 is a specialized device used for traffic recording, likely deployed in transportation infrastructure or automotive environments, where availability and reliability are critical.

For European organizations, especially those involved in transportation infrastructure, automotive manufacturing, or traffic monitoring, this vulnerability poses a significant risk. A successful DoS attack could disrupt traffic data collection, impair traffic management systems, or cause operational downtime in environments relying on the Audi UTR 2.0 devices. This disruption could lead to safety risks, loss of critical traffic data, and operational inefficiencies. Given the network-exposed FTP service is vulnerable, attackers could remotely trigger the DoS without authentication, increasing the threat landscape. Although the confidentiality and integrity impacts are low, the availability impact is high, which is critical for real-time traffic systems. The lack of patches and known exploits means organizations must proactively mitigate risk to avoid potential future exploitation. The high attack complexity somewhat reduces the immediate risk but does not eliminate it, especially from skilled threat actors targeting critical infrastructure.

European organizations should immediately conduct an inventory to identify any deployment of Audi UTR 2.0 devices within their infrastructure. Network segmentation should be enforced to isolate these devices from general network access, limiting exposure of the FTP service to trusted management networks only. Implement strict firewall rules to block unauthorized access to the FTP port from external or untrusted sources. Monitoring and alerting should be enhanced for unusual FTP traffic patterns or service crashes indicating exploitation attempts. Since no patches are currently available, consider disabling the FTP service if operationally feasible or replacing the affected devices with updated or alternative solutions. Engage with the vendor (Audi or relevant supplier) to obtain timelines for patches or firmware updates. Additionally, conduct regular backups of traffic data to mitigate data loss risks from potential DoS events. Finally, incorporate this vulnerability into incident response plans to ensure rapid containment and recovery if exploited.