
CVE-2025-65405: n/a

Severity: Medium
Type: Vulnerability
Published: Mon Dec 01 2025 (12/01/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

A use-after-free in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ADTS/AAC file.

AI-Powered Analysis

Last updated: 12/08/2025, 17:10:02 UTC

Technical Analysis

CVE-2025-65405 is a use-after-free vulnerability in the ADTSAudioFileSource::samplingFrequency() function of Live555 Streaming Media, specifically in version 2018.09.02. Live555 is an open-source media streaming library widely used for RTSP streaming and for handling various media formats, including ADTS/AAC audio streams. The vulnerability is triggered when the function processes a crafted ADTS/AAC file, leading to a use-after-free condition. This memory corruption flaw can crash the application, resulting in a Denial of Service (DoS). The flaw does not affect confidentiality or integrity; it impacts availability by terminating the streaming service unexpectedly.

The attack vector is network (AV:N) and no privileges are required (PR:N), but user interaction (UI:R) is necessary because the victim must process the malicious media file. The vulnerability scope is unchanged (S:U), meaning the impact is limited to the vulnerable component. The CVSS vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) corresponds to a medium severity rating with a score of 6.5. The underlying weakness is classified as CWE-416 (Use After Free), a common memory corruption issue that can lead to application instability or crashes.

No patches or fixes had been published at the time of disclosure, and no known exploits have been observed in the wild. Organizations using Live555 Streaming Media for streaming services, particularly those handling ADTS/AAC audio streams, are at risk of service disruption if malicious media files are processed.

Potential Impact

For European organizations, the primary impact of CVE-2025-65405 is the potential for Denial of Service, which can disrupt media streaming services relying on Live555 Streaming Media. This can affect telecommunications providers, media broadcasters, IPTV services, and any enterprise using Live555 for streaming audio/video content. Service interruptions could lead to customer dissatisfaction, loss of revenue, and reputational damage. Although the vulnerability does not allow data theft or code execution, the availability impact can be significant in environments requiring high uptime and reliability. Critical infrastructure or public service broadcasters in Europe that depend on uninterrupted streaming could face operational challenges. Additionally, organizations with automated media processing pipelines may experience workflow disruptions. The lack of a patch increases the risk window, necessitating immediate mitigation efforts to prevent exploitation.

Mitigation Recommendations

1. Restrict and validate all incoming media streams to ensure only trusted sources are processed by Live555 components.
2. Implement network-level filtering to block suspicious or malformed ADTS/AAC media files before they reach vulnerable systems.
3. Employ application-level sandboxing or containerization for media processing to isolate potential crashes and prevent broader service impact.
4. Monitor logs and application behavior for abnormal crashes or restarts indicative of exploitation attempts.
5. Disable or limit user interaction paths that allow processing of untrusted media files until patches are available.
6. Engage with Live555 maintainers or vendors for timely patch releases and apply updates promptly once available.
7. Consider alternative streaming media libraries or updated versions not affected by this vulnerability if immediate patching is not feasible.
8. Conduct internal security awareness to inform users about the risks of opening untrusted media files.
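As an illustration of the "validate incoming media" recommendation, the following added example (not Live555 code and not part of the original advisory) walks the ADTS fixed header of every frame in a buffer and rejects the file on the first malformed field. It is a structural pre-ingest check only and is not claimed to detect the specific crafted file behind this CVE; the function name `adts_check`, the result codes and the sample byte strings are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum adts_result { ADTS_OK = 0, ADTS_EMPTY, ADTS_BAD_SYNC, ADTS_BAD_LAYER,
                   ADTS_BAD_SFI, ADTS_BAD_LENGTH, ADTS_TRUNCATED };

/* Rates for sampling_frequency_index 0..12; indices 13..15 are reserved. */
static const unsigned adts_rates[13] = { 96000, 88200, 64000, 48000, 44100,
    32000, 24000, 22050, 16000, 12000, 11025, 8000, 7350 };

/* Check every ADTS frame header in buf; stop at the first malformed one.
   On success *rate_out (if non-NULL) holds the first frame's sampling rate. */
enum adts_result adts_check(const uint8_t *buf, size_t len, unsigned *rate_out)
{
    size_t off = 0;
    if (len == 0) return ADTS_EMPTY;
    while (off < len) {
        const uint8_t *h = buf + off;
        if (len - off < 7) return ADTS_TRUNCATED;        /* no room for a header */
        if (h[0] != 0xFF || (h[1] & 0xF0) != 0xF0) return ADTS_BAD_SYNC;
        if ((h[1] & 0x06) != 0) return ADTS_BAD_LAYER;   /* layer must be 0 */
        unsigned sfi = (h[2] >> 2) & 0x0F;               /* sampling_frequency_index */
        if (sfi > 12) return ADTS_BAD_SFI;               /* reserved index */
        size_t hdr = (h[1] & 0x01) ? 7 : 9;              /* 9 bytes when a CRC follows */
        size_t flen = ((size_t)(h[3] & 0x03) << 11) | ((size_t)h[4] << 3) | (h[5] >> 5);
        if (flen < hdr) return ADTS_BAD_LENGTH;          /* frame shorter than its header */
        if (flen > len - off) return ADTS_TRUNCATED;     /* frame runs past end of data */
        if (off == 0 && rate_out) *rate_out = adts_rates[sfi];
        off += flen;
    }
    return ADTS_OK;
}

/* Constructed samples: one header-only frame each (AAC-LC, 2 channels). */
static const uint8_t sample_ok[]      = {0xFF,0xF1,0x50,0x80,0x00,0xFF,0xFC}; /* 44100 Hz */
static const uint8_t sample_bad_sfi[] = {0xFF,0xF1,0x7C,0x80,0x00,0xFF,0xFC}; /* index 15 */
static const uint8_t sample_short[]   = {0xFF,0xF1,0x50,0x80,0x00,0x7F,0xFC}; /* length 3 */
static const uint8_t sample_trunc[]   = {0xFF,0xF1,0x50,0x80,0x08,0x1F,0xFC}; /* length 64 */

int main(void)
{
    unsigned rate = 0;
    printf("ok=%d rate=%u\n", adts_check(sample_ok, sizeof sample_ok, &rate), rate);
    printf("bad_sfi=%d\n", adts_check(sample_bad_sfi, sizeof sample_bad_sfi, NULL));
    return 0;
}
```

Run such a check in the ingest path, before a file is handed to the streaming process, and quarantine anything that does not return `ADTS_OK`.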


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-11-18T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 692dbfd095b0bac45939d919

Added to database: 12/1/2025, 4:18:24 PM

Last enriched: 12/8/2025, 5:10:02 PM

Last updated: 2/7/2026, 5:02:35 AM
