
CVE-2025-65410: n/a

Severity: Medium
Tags: Vulnerability, CVE-2025-65410, cve, cve-2025-65410
Published: Tue Dec 23 2025 (12/23/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted input into the filename parameter.

AI-Powered Analysis

Last updated: 12/31/2025, 00:02:33 UTC

Technical Analysis

CVE-2025-65410 identifies a stack overflow vulnerability in the src/main.c component of GNU Unrtf version 0.21.10. The flaw arises when the program processes the filename parameter, which can be manipulated by an attacker to inject crafted input that overflows the stack. This overflow leads to a Denial of Service (DoS) condition by crashing the application or causing undefined behavior. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow). The CVSS v3.1 score is 6.2, reflecting a medium severity level, with an attack vector of local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no impact on confidentiality or integrity (C:N/I:N), and high impact on availability (A:H). Exploitation requires local access to the system to execute the vulnerable binary with malicious input. No public exploits or patches are currently available, indicating the vulnerability is newly disclosed or not yet widely exploited. The vulnerability primarily threatens the availability of systems running GNU Unrtf, potentially disrupting document conversion workflows or automated processing pipelines that rely on this tool.

Potential Impact

For European organizations, the primary impact of CVE-2025-65410 is the potential denial of service on systems utilizing GNU Unrtf for document conversion or processing tasks. This can lead to interruptions in business operations, especially in sectors heavily reliant on automated document handling such as legal, financial, and governmental institutions. Although the vulnerability does not compromise confidentiality or integrity, service unavailability can affect productivity and may cause delays in critical workflows. Organizations with strict uptime requirements or those using GNU Unrtf in batch processing or embedded systems could experience operational disruptions. The local attack vector limits the risk to insiders or attackers who have gained local access, reducing the likelihood of remote exploitation but emphasizing the need for internal security controls. Since no known exploits are in the wild, the immediate risk is moderate, but the vulnerability should be addressed proactively to prevent future exploitation.

Mitigation Recommendations

1. Restrict access to the GNU Unrtf binary to trusted users only, minimizing the risk of local exploitation.
2. Monitor and control local user privileges to prevent unauthorized execution of the vulnerable program.
3. Implement input validation or sanitization mechanisms around any automated processes that invoke GNU Unrtf with user-supplied filenames.
4. Use sandboxing or containerization to isolate the execution environment of GNU Unrtf, limiting the impact of potential crashes.
5. Regularly check for and apply official patches or updates from GNU Unrtf maintainers once available.
6. Employ application whitelisting to prevent unauthorized or unexpected execution of the vulnerable binary.
7. Conduct internal audits to identify systems using GNU Unrtf and assess exposure.
8. Consider alternative document conversion tools with active maintenance and security support if patching is delayed.
9. Maintain robust logging and monitoring to detect abnormal crashes or usage patterns indicative of exploitation attempts.
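One way to apply recommendations 3 and 9 in a service that calls unrtf on user-supplied filenames, as an added example that is not from this advisory or the unrtf project. The byte limit and the directory confinement are assumed local policy (the advisory gives no buffer size), and the function names are hypothetical.

```python
import os
import signal
import subprocess

# Assumption: the advisory states no buffer size, so this cap is a conservative
# local policy value, not a figure taken from the unrtf source.
MAX_PATH_BYTES = 255
UNRTF_BIN = "unrtf"  # assumed to be on PATH


def check_filename(path, allowed_dir, max_bytes=MAX_PATH_BYTES):
    """Return the resolved path if it may be passed to unrtf, else raise ValueError."""
    if not path or "\x00" in path:
        raise ValueError("empty filename or embedded NUL")
    if len(os.fsencode(path)) > max_bytes:
        raise ValueError("filename longer than policy limit")
    real = os.path.realpath(path)
    # The resolved form is what reaches the binary, so check its length too.
    if len(os.fsencode(real)) > max_bytes:
        raise ValueError("resolved path longer than policy limit")
    base = os.path.realpath(allowed_dir)
    if os.path.commonpath([real, base]) != base:
        raise ValueError("file is outside the conversion directory")
    return real


def classify_exit(returncode):
    """Map a subprocess return code to 'ok', 'error' or 'crash:<signal>'."""
    if returncode == 0:
        return "ok"
    if returncode < 0:  # negative means the child was killed by a signal
        try:
            return "crash:" + signal.Signals(-returncode).name
        except ValueError:
            return "crash:signal %d" % -returncode
    return "error"


def convert(path, allowed_dir, timeout=30):
    """Validate the filename, run unrtf without a shell, and report how it ended."""
    real = check_filename(path, allowed_dir)
    proc = subprocess.run([UNRTF_BIN, "--html", real],
                          capture_output=True, timeout=timeout)
    return classify_exit(proc.returncode), proc.stdout
```

A `crash:SIGSEGV` or `crash:SIGABRT` result from `convert` is the abnormal termination worth logging and alerting on.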


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-11-18T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 694acb94a81ab5ceedeb10c3

Added to database: 12/23/2025, 5:04:20 PM

Last enriched: 12/31/2025, 12:02:33 AM

Last updated: 2/7/2026, 8:23:38 AM
