
CVE-2025-4641: CWE-611 Improper Restriction of XML External Entity Reference in bonigarcia webdrivermanager

Critical
Tags: Vulnerability, CVE-2025-4641, cve, cwe-611
Published: Wed May 14 2025 (05/14/2025, 18:09:26 UTC)
Source: CVE
Vendor/Project: bonigarcia
Product: webdrivermanager

Description

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java. This issue affects webdrivermanager: from 1.0.0 before 6.0.2.

AI-Powered Analysis

Last updated: 07/06/2025, 13:10:41 UTC

Technical Analysis

CVE-2025-4641 is a critical vulnerability classified under CWE-611, Improper Restriction of XML External Entity (XXE) Reference. It affects bonigarcia WebDriverManager, a widely used Java library that resolves, downloads and caches browser driver binaries for Selenium WebDriver tests. Affected versions range from 1.0.0 up to but not including 6.0.2.

The flaw is insecure XML parsing in the WebDriverManager.java source file: the parser is created without disabling DTD processing or external entity resolution. An attacker who can get XML in front of that parser can declare entities that the parser expands. The "Data Serialization External Entities Blowup" named in the CVE description (CAPEC-221) is the denial-of-service form of this: nested entity declarations that expand to very large strings and exhaust CPU and memory. The same parser configuration also resolves external entities (SYSTEM identifiers), which gives the classic XXE effects of reading local files into the parsed document or making the parser issue requests to internal hosts; the high confidentiality impact in the CVSS vector reflects this. XXE in a Java DOM parser does not by itself yield code execution; the realistic outcomes are denial of service, file disclosure and server-side request forgery.

The CVSS 4.0 base score of 9.3 indicates critical severity: network attack vector, no privileges required, no user interaction, and high confidentiality and availability impacts. The vulnerability is platform-agnostic, affecting Windows, MacOS and Linux environments where vulnerable WebDriverManager versions are used. No known exploits are currently reported in the wild.

One caveat on exposure for practitioners: WebDriverManager does not take XML from end users. The XML it parses is data it fetches itself while resolving driver versions, such as the listings published by driver download repositories. The realistic attacker is therefore one who controls or can tamper with that data, for example a malicious or compromised mirror configured as the driver repository, or an on-path attacker where the source is reached over plain HTTP. That remains a serious software-supply-chain exposure, because CI runners that execute WebDriverManager typically hold credentials and reach internal networks, but it is not something an arbitrary remote party can trigger against a running build without first controlling the XML source.

Potential Impact

For European organizations, the impact of CVE-2025-4641 can be substantial, especially for enterprises and development teams that integrate WebDriverManager into their continuous integration/continuous deployment (CI/CD) pipelines or automated testing frameworks. Exploitation could cause denial of service conditions that disrupt testing and deployment workflows, delaying software releases and affecting business operations. Because the parser resolves external entities, an attacker who can feed it malicious XML may also read files accessible to the build user (configuration files, credentials, CI tokens, SSH keys) or use the parser as a relay for requests to internal services that the build host can reach. Code execution is not a direct outcome of XXE here, but disclosed credentials can lead to further compromise. This is particularly critical for sectors with stringent data protection requirements such as finance, healthcare and government institutions within Europe. The vulnerability's cross-platform nature means that organizations using heterogeneous environments are equally at risk. The CVSS vector records no required authentication or user interaction, which lowers the barrier for an attacker who already controls or can intercept the XML that WebDriverManager downloads, such as a spoofed driver repository or an on-path position against a plain-HTTP source.

Mitigation Recommendations

To mitigate CVE-2025-4641, European organizations should immediately upgrade WebDriverManager to version 6.0.2 or later, where the vulnerability has been addressed; the fix is in the library, so no consumer-side code change is needed beyond bumping the dependency. If upgrading is not immediately feasible, organizations should implement the following specific measures:

1) Disable or restrict XML external entity processing in the XML parser used by WebDriverManager. Because the parser is created inside the library, a consumer cannot simply pass it a hardened factory; this option only applies if you can patch or fork the library, or if your JDK offers a global JAXP configuration that disables DTD processing for all parsers in the JVM. Treat it as a stopgap, not a substitute for the upgrade.

2) Control the sources of the XML the library parses. Point WebDriverManager only at driver repositories you trust, reach them over HTTPS, and do not route driver downloads through untrusted proxies or mirrors. Input validation of the XML content itself is not practical for a consumer, since the library fetches and parses it internally.

3) Isolate the execution environment of WebDriverManager to limit the impact of exploitation: run tests in sandboxed containers with least privilege, no long-lived credentials on disk, restricted egress to internal networks, and CPU and memory quotas so that an entity-expansion payload fails the job rather than the host.

4) Monitor build logs for unusual XML parsing errors (for example JDK entity-expansion limit errors, or SAXParseException messages referring to DOCTYPE or external entities) and for resource usage spikes during driver resolution, which may indicate exploitation attempts.

5) Incorporate security testing for XXE vulnerabilities in the development lifecycle, including static code analysis rules for DocumentBuilderFactory, SAXParserFactory and XMLInputFactory instances created without hardening, and dynamic testing of XML processing components. Also check your dependency tree (for example with mvn dependency:tree or gradle dependencies) so that a transitively pulled-in older WebDriverManager is not missed.

6) Educate development and DevOps teams about the risks of XXE and the importance of secure XML handling practices.
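As an added example (not code from WebDriverManager, its author, or this advisory), the following Java program contrasts a default JAXP DocumentBuilderFactory, the shape of parser the Technical Analysis describes, with the hardened configuration that mitigation item 1 calls for, against the two payload shapes discussed above: an external entity that reads a local file, and a nested-entity expansion ("billion laughs") document. The secret file, the payloads and the class name XxeDemo are constructed for the demo; it assumes Java 11 or later and the JDK's built-in Xerces parser, and the feature set follows the OWASP XXE Prevention Cheat Sheet recommendations for JAXP.

```java
import java.io.StringReader;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;

// Demo class (constructed for this example, not part of WebDriverManager).
public class XxeDemo {

    // Default JAXP factory: the same shape as a naive DocumentBuilderFactory.newInstance()
    // call. DTDs are processed and external general entities are resolved, so a SYSTEM
    // entity reads whatever file or URL it points at.
    static DocumentBuilderFactory unsafeFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    // Hardened factory. Rejecting the DOCTYPE outright is the strongest single control;
    // the remaining settings are defence in depth for parsers that ignore that feature.
    static DocumentBuilderFactory safeFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    // Parses the document with the given factory and returns the root element's text.
    static String rootText(DocumentBuilderFactory f, String xml) throws Exception {
        Document doc = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        return doc.getDocumentElement().getTextContent();
    }

    // Constructed XXE payload: an external general entity pointing at a local file,
    // wrapped in an element layout resembling a driver version listing.
    static String fileReadPayload(Path target) {
        return "<?xml version=\"1.0\"?>\n"
             + "<!DOCTYPE versions [<!ENTITY xxe SYSTEM \"" + target.toUri() + "\">]>\n"
             + "<versions><version>&xxe;</version></versions>";
    }

    // Constructed entity-expansion ("billion laughs") payload: each level references the
    // previous one ten times, so full expansion would be 10^6 copies of the base string.
    static String blowupPayload() {
        StringBuilder dtd = new StringBuilder("<!ENTITY lol0 \"lol\">");
        for (int i = 1; i <= 6; i++) {
            dtd.append("<!ENTITY lol").append(i).append(" \"");
            for (int j = 0; j < 10; j++) dtd.append("&lol").append(i - 1).append(';');
            dtd.append("\">");
        }
        return "<?xml version=\"1.0\"?>\n<!DOCTYPE x [" + dtd + "]>\n<x>&lol6;</x>";
    }

    public static void main(String[] args) throws Exception {
        // Stand-in for a secret on the CI runner, written by the demo itself so it runs anywhere.
        Path secret = Files.createTempFile("wdm-demo-secret", ".txt");
        Files.writeString(secret, "CI_TOKEN=constructed-example-value");
        try {
            // Default parser: the file contents come back inside the document.
            System.out.println("unsafe parser read: " + rootText(unsafeFactory(), fileReadPayload(secret)));
            try {
                rootText(unsafeFactory(), blowupPayload());
                System.out.println("unsafe parser expanded the blowup payload without limit");
            } catch (SAXParseException e) {
                // JDK 8 and later cap expansion at 64,000 entities by default, so the default
                // parser fails fast here instead of exhausting memory.
                System.out.println("unsafe parser stopped by JDK entity limit: " + e.getMessage());
            }
            // Hardened parser: both documents are rejected at the DOCTYPE, before any
            // entity is declared or resolved.
            for (String payload : new String[] { fileReadPayload(secret), blowupPayload() }) {
                try {
                    rootText(safeFactory(), payload);
                    System.out.println("UNEXPECTED: hardened parser accepted a DOCTYPE");
                } catch (SAXParseException e) {
                    System.out.println("hardened parser rejected: " + e.getMessage());
                }
            }
        } finally {
            Files.deleteIfExists(secret);
        }
    }
}
```

Run with `javac XxeDemo.java && java XxeDemo`. The default factory returns the secret file's contents for the first payload, which is the confidentiality impact in the CVSS vector; on a current JDK the expansion payload is stopped by the built-in 64,000-entity limit, so the denial-of-service half of the blowup is partly contained by the runtime even when the library does nothing, while the file read is not. The hardened factory refuses both documents at the DOCTYPE, which is the behaviour a consumer gets only by upgrading to a fixed library version or patching the parser construction.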


Technical Details

Data Version: 5.1
Assigner Short Name: GovTech CSG
Date Reserved: 2025-05-13T02:36:29.519Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682cd0fb1484d88663aec829

Added to database: 5/20/2025, 6:59:07 PM

Last enriched: 7/6/2025, 1:10:41 PM

Last updated: 8/12/2025, 5:07:28 AM

