
CVE-2025-48708: CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer in Artifex Ghostscript

Medium
Published: Fri May 23 2025 (05/23/2025, 00:00:00 UTC)
Source: CVE
Vendor/Project: Artifex
Product: Ghostscript

Description

gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext.

AI-Powered Analysis

Last updated: 07/08/2025, 04:11:25 UTC

Technical Analysis

CVE-2025-48708 is a medium-severity vulnerability in Artifex Ghostscript, a widely used interpreter for PostScript and PDF files. It arises from incomplete argument sanitization in the function gs_lib_ctx_stash_sanitized_arg, located in base/gslibctx.c, in versions before 10.05.1. Specifically, the function does not sanitize arguments in the '#' case, so sensitive information such as a password is included in cleartext within the generated PDF document. The issue is classified under CWE-212, improper removal of sensitive information before storage or transfer. Exploitation requires no user interaction and no privileges, but it does require local access (AV:L) to the system where Ghostscript is running. The CVSS v3.1 base score is 4.0 (medium): attack complexity is low, the confidentiality impact is limited to partial disclosure of sensitive data, and there is no impact on integrity or availability. No known exploits are currently reported in the wild, and no patches have been linked yet. In practice, the flaw risks leaking passwords embedded in PDFs, exposing credentials if those PDFs are shared or intercepted.
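The gap described above, as an added example that is not Ghostscript source code: a simplified model of an argument sanitizer that redacts the value of a -sNAME=value switch before storing it, shown with and without handling of the equivalent -sNAME#value form that Ghostscript also accepts. The function names, the redaction marker "?" and the sample arguments are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model (an assumption, not Ghostscript source): copy a
 * command-line argument into `out` for later storage, replacing the value
 * of a -sNAME<sep>value switch with "?". `seps` lists the separator
 * characters the sanitizer recognizes. Returns 1 if a value was redacted. */
static int stash_arg(const char *arg, const char *seps, char *out, size_t n)
{
    if (n == 0)
        return 0;
    if (arg[0] == '-' && (arg[1] == 's' || arg[1] == 'S')) {
        size_t klen = strcspn(arg + 2, seps) + 2;   /* length of "-sNAME" */
        if (arg[klen] != '\0' && arg[klen + 1] != '\0') {
            /* Keep "-sNAME<sep>" and drop the value. */
            snprintf(out, n, "%.*s?", (int)(klen + 1), arg);
            return 1;
        }
    }
    snprintf(out, n, "%s", arg);    /* no separator seen: stored verbatim */
    return 0;
}

/* Before: only '=' is treated as the NAME/value separator. */
int stash_before(const char *arg, char *out, size_t n)
{ return stash_arg(arg, "=", out, n); }

/* After: '#' is recognized as well, matching the switch syntax. */
int stash_after(const char *arg, char *out, size_t n)
{ return stash_arg(arg, "=#", out, n); }

int main(void)
{
    /* Constructed sample arguments; the password is a placeholder. */
    const char *args[] = { "-sOwnerPassword=EXAMPLE-SECRET",
                           "-sOwnerPassword#EXAMPLE-SECRET",
                           "-dNOPAUSE" };
    char a[128], b[128];
    for (size_t i = 0; i < sizeof args / sizeof args[0]; i++) {
        stash_before(args[i], a, sizeof a);
        stash_after(args[i], b, sizeof b);
        printf("%-32s before: %-32s after: %s\n", args[i], a, b);
    }
    return 0;
}
```

In the "before" variant the '#' form passes through unredacted, which is the condition under which a stored copy of the arguments would carry the password in cleartext.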

Potential Impact

For European organizations, this vulnerability poses a risk primarily to confidentiality. Organizations that use Ghostscript for PDF generation or processing, especially those embedding passwords or sensitive data in PDFs, could inadvertently expose these secrets in cleartext. This could lead to unauthorized access if attackers obtain these documents, undermining data protection and privacy obligations under regulations like GDPR. The impact is particularly relevant for sectors handling sensitive or regulated data, such as finance, healthcare, legal, and government agencies. Although the vulnerability does not affect integrity or availability, the exposure of passwords could facilitate further attacks or unauthorized access to protected documents or systems. Since exploitation requires local access, the threat is more significant in environments where multiple users share systems or where attackers have gained initial footholds. The lack of user interaction and low attack complexity means that once local access is achieved, exploitation is straightforward. The absence of known exploits in the wild reduces immediate risk but does not eliminate the need for prompt mitigation.

Mitigation Recommendations

European organizations should take the following specific actions:

1) Immediately audit the use of Ghostscript in their environments to identify versions prior to 10.05.1.
2) Avoid embedding passwords or sensitive information directly in PDFs generated or processed by Ghostscript until a patch is available.
3) Implement strict access controls and monitoring on systems running Ghostscript to prevent unauthorized local access, including limiting user privileges and employing endpoint detection and response (EDR) solutions.
4) Use encryption and secure channels for PDF distribution to mitigate the risk of interception.
5) Monitor vendor communications closely for the release of a security patch and plan for rapid deployment.
6) Consider alternative PDF processing tools that do not exhibit this vulnerability if immediate patching is not feasible.
7) Review internal policies regarding password handling in documents to minimize exposure risk.

These measures go beyond generic advice by focusing on operational controls, secure handling practices, and proactive monitoring tailored to the vulnerability's characteristics.


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-05-23T00:00:00.000Z
Cisa Enriched: false
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682ff7ee0acd01a249270dc0

Added to database: 5/23/2025, 4:22:06 AM

Last enriched: 7/8/2025, 4:11:25 AM

Last updated: 8/9/2025, 2:23:28 AM
