CVE-2025-6375 is a vulnerability identified in the Poco C++ Libraries, specifically affecting versions up to 1.14.1. The flaw resides in the MultipartInputStream function within the Net/src/MultipartReader.cpp file. The vulnerability is caused by a null pointer dereference, which occurs when the function attempts to access or manipulate memory through a pointer that has not been properly initialized or has been set to null. This can lead to a denial of service (DoS) condition by crashing the application or service using the vulnerable Poco library. The vulnerability requires local access with low privileges (local attack vector, low privileges required) and does not require user interaction or authentication. The CVSS v4.0 base score is 4.8, categorized as medium severity. The exploit has been publicly disclosed, but there are no known exploits actively used in the wild at this time. The issue is resolved in Poco version 1.14.2, with a patch identified by commit 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. The vulnerability does not impact confidentiality, integrity, or availability beyond causing a potential application crash. It is important to note that the attack vector is local, meaning an attacker must have some level of access to the affected system to exploit the flaw, limiting its remote exploitation potential. The vulnerability is rated as problematic due to the possibility of service disruption in applications relying on the MultipartInputStream functionality of Poco.

For European organizations, the primary impact of CVE-2025-6375 is the potential for denial of service in applications or services that utilize the affected Poco library versions (up to 1.14.1). This could disrupt business operations, especially in environments where Poco is used for network communication or multipart data processing. Since the vulnerability requires local access and low privileges, the risk is higher in environments with multiple users or where attackers can gain initial footholds through other means. The impact on confidentiality and integrity is negligible, but availability could be affected if critical services crash due to exploitation. Organizations in sectors such as telecommunications, industrial control systems, and software development that embed Poco libraries in their products or infrastructure may be more susceptible. The medium severity rating suggests that while the vulnerability is not critical, it should be addressed promptly to avoid potential service disruptions and to maintain operational stability.

1. Immediate upgrade to Poco version 1.14.2 or later to apply the official patch addressing the null pointer dereference in MultipartInputStream. 2. Conduct an inventory of all software and systems using Poco libraries, especially versions 1.14.0 and 1.14.1, to identify vulnerable instances. 3. Restrict local access to systems running vulnerable Poco versions by enforcing strict access controls and monitoring for unauthorized local logins or privilege escalations. 4. Implement application-level monitoring and logging to detect abnormal crashes or restarts that may indicate exploitation attempts. 5. For development teams, review and harden code that interacts with MultipartInputStream to handle null pointers safely, adding defensive programming practices to prevent similar issues. 6. Employ endpoint protection solutions that can detect anomalous process terminations or local exploitation attempts. 7. In environments where immediate upgrading is not feasible, consider isolating vulnerable systems or running them with minimal privileges to reduce the attack surface. 8. Maintain up-to-date backups and incident response plans to quickly recover from potential denial of service incidents caused by exploitation.