CVE-2025-64704: CWE-754: Improper Check for Unusual or Exceptional Conditions in bytecodealliance wasm-micro-runtime
WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. Prior to version 2.4.4, WAMR is susceptible to a segmentation fault in the v128.store instruction. This issue has been patched in version 2.4.4.
AI Analysis
Technical Summary
CVE-2025-64704 identifies a vulnerability in the bytecodealliance's WebAssembly Micro Runtime (WAMR), a lightweight standalone runtime designed to execute WebAssembly (Wasm) modules efficiently, often used in embedded and edge computing environments. The flaw exists in versions prior to 2.4.4 and is related to improper handling of exceptional conditions during the execution of the v128.store instruction, which is used to store 128-bit SIMD vector data. Specifically, the runtime fails to correctly check for unusual or exceptional conditions, leading to a segmentation fault. This fault can cause the runtime to crash, resulting in a denial of service (DoS) condition. The vulnerability is classified under CWE-754, which concerns improper checks for unusual or exceptional conditions. The CVSS v3.1 base score is 4.7 (medium severity), reflecting that exploitation requires local access (AV:L), high attack complexity (AC:H), no privileges (PR:N), and user interaction (UI:R). The impact is limited to availability (A:H) with no confidentiality or integrity loss. No known exploits have been reported in the wild, and the issue has been addressed in WAMR version 2.4.4. This vulnerability is particularly relevant for environments where WAMR is embedded in IoT devices, edge computing platforms, or other resource-constrained systems where stability and uptime are critical.
Potential Impact
For European organizations, the primary impact of CVE-2025-64704 is the potential for denial of service in systems relying on WAMR for WebAssembly execution. This can disrupt critical embedded or edge computing applications, potentially affecting industrial control systems, IoT deployments, and real-time data processing platforms. While the vulnerability does not compromise data confidentiality or integrity, service interruptions could lead to operational downtime, impacting business continuity and possibly safety in industrial environments. Organizations in sectors such as manufacturing, automotive, telecommunications, and smart infrastructure that utilize embedded WebAssembly runtimes may face increased risk. The requirement for local access and user interaction limits remote exploitation, but insider threats or compromised local users could trigger the fault. The absence of known exploits reduces immediate risk but does not eliminate the possibility of future targeted attacks. Timely patching is essential to maintain system reliability and avoid cascading failures in interconnected systems.
Mitigation Recommendations
European organizations should implement the following specific mitigations:
1) Upgrade all WAMR deployments to version 2.4.4 or later to apply the official patch addressing this vulnerability.
2) Conduct an inventory of systems using WAMR, especially embedded and edge devices, to identify vulnerable versions.
3) Restrict local access to devices running WAMR to trusted personnel only and enforce strict user authentication and authorization controls to minimize the risk of exploitation requiring user interaction.
4) Implement monitoring and alerting for abnormal crashes or segmentation faults in WAMR processes to detect potential exploitation attempts early.
5) Where feasible, sandbox or isolate WAMR execution environments to limit the impact of a crash on the broader system.
6) Review and harden the supply chain and update mechanisms for embedded devices to ensure timely deployment of security patches.
7) Educate local users about the risks of interacting with untrusted WebAssembly modules or inputs that could trigger the vulnerability.
These targeted actions go beyond generic advice by focusing on the unique deployment contexts of WAMR in embedded and edge computing scenarios.
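The inventory step (2) and the crash-monitoring step (4) above are the two mitigations that can be automated. The script below is an added example, not code from the advisory or from the WAMR project: it flags hosts whose reported WAMR version is below the fixed 2.4.4 and scans kernel log lines for segmentation faults in WAMR processes. It assumes the process name `iwasm` (WAMR's standalone executable; embedding hosts will have other names and should be added to the set), the Linux x86 kernel's user-mode segfault message format, and the sample inventory and log lines are constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple

# Version carrying the fix for CVE-2025-64704, as stated in the advisory.
FIXED_VERSION = (2, 4, 4)

# Process names to treat as WAMR hosts. "iwasm" is WAMR's standalone
# executable; add the names of your own embedding applications here.
WAMR_PROCESS_NAMES = {"iwasm"}


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract major.minor.patch from strings such as 'WAMR-2.4.3' or 'iwasm 2.4.4'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_vulnerable_version(text: str) -> Optional[bool]:
    """True if the version is older than 2.4.4, False if patched, None if unparsable."""
    v = parse_version(text)
    if v is None:
        return None
    return v < FIXED_VERSION


def hosts_needing_upgrade(inventory: Dict[str, str]) -> Tuple[List[str], List[str]]:
    """Split an inventory {hostname: version string} into (vulnerable, unknown) hosts.

    Hosts whose version cannot be parsed are reported separately rather than
    silently treated as patched.
    """
    vulnerable, unknown = [], []
    for host, version in inventory.items():
        state = is_vulnerable_version(version)
        if state is None:
            unknown.append(host)
        elif state:
            vulnerable.append(host)
    return sorted(vulnerable), sorted(unknown)


# Linux kernel user-mode crash message on x86, as printed by show_signal_msg():
#   "<comm>[<pid>]: segfault at <addr> ip <ip> sp <sp> error <code> in <obj>[...]"
SEGFAULT_RE = re.compile(
    r"(?P<comm>[\w.\-]+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
)


@dataclass
class CrashEvent:
    comm: str
    pid: int
    fault_addr: int
    error_code: int

    @property
    def is_write(self) -> bool:
        # x86 page-fault error code: bit 1 set means the faulting access was a
        # write, which is what a crash inside a store such as v128.store produces.
        return bool(self.error_code & 0x2)


def parse_segfault(line: str) -> Optional[CrashEvent]:
    """Parse one log line; return None if it is not a kernel segfault message."""
    m = SEGFAULT_RE.search(line)
    if not m:
        return None
    return CrashEvent(
        comm=m.group("comm"),
        pid=int(m.group("pid")),
        fault_addr=int(m.group("addr"), 16),
        error_code=int(m.group("err"), 16),
    )


def find_wamr_crashes(lines: Iterable[str], process_names=WAMR_PROCESS_NAMES) -> List[CrashEvent]:
    """Return one CrashEvent per segfault whose process is a WAMR host."""
    events = []
    for line in lines:
        ev = parse_segfault(line)
        if ev is not None and ev.comm in process_names:
            events.append(ev)
    return events


# Constructed sample data for the example (not real hosts or real log output).
SAMPLE_INVENTORY = {
    "edge-node-01": "WAMR-2.4.3",
    "edge-node-02": "iwasm 2.4.4",
    "gateway-07": "2.3.1",
    "plc-bridge": "n/a",
}

SAMPLE_LOG = [
    "Nov 25 22:16:41 edge-node-01 kernel: [12345.678901] iwasm[4242]: segfault at 7f3a1c000000 "
    "ip 000055e9a2b1c3d4 sp 00007ffc9e8b2a10 error 6 in iwasm[55e9a2a00000+9c000]",
    "Nov 25 22:16:42 edge-node-01 kernel: [12346.000000] node[999]: segfault at 0 "
    "ip 0000555555554000 sp 00007ffc00000000 error 4 in node[555555554000+1000]",
    "Nov 25 22:16:43 edge-node-01 iwasm[4243]: module loaded: sensor_filter.wasm",
]

if __name__ == "__main__":
    vulnerable, unknown = hosts_needing_upgrade(SAMPLE_INVENTORY)
    print("upgrade required:", vulnerable, "| version unknown:", unknown)
    for ev in find_wamr_crashes(SAMPLE_LOG):
        kind = "write" if ev.is_write else "read/exec"
        print(f"ALERT {ev.comm}[{ev.pid}] segfault on {kind} access at {ev.fault_addr:#x}")
```

Feed `find_wamr_crashes` the output of `journalctl -k` or `/var/log/kern.log` on the device; a write-fault from a WAMR process running an untrusted module is the signal step 4 asks to alert on, and hosts listed as vulnerable or unknown by `hosts_needing_upgrade` are the ones step 1 should upgrade first.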
Affected Countries
Germany, Netherlands, France, United Kingdom, Italy, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-11-10T14:07:42.920Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69262ac94ed5c2dbbb0fc27d
Added to database: 11/25/2025, 10:16:41 PM
Last enriched: 12/2/2025, 10:38:58 PM
Last updated: 1/10/2026, 10:13:36 PM