CVE-2025-66043 is a critical stack-based buffer overflow vulnerability identified in version 3.9.1 of libbiosig, an open-source library used for biosignal processing, including biometric data formats. The flaw resides in the MFER (Multi-File EEG Record) parsing functionality, specifically when processing data tagged with the value 3. The vulnerability arises from improper bounds checking on stack buffers, allowing an attacker to craft a malicious MFER file that overflows the buffer. This overflow can overwrite the stack, enabling arbitrary code execution in the context of the vulnerable application. The vulnerability requires no privileges or user interaction, and can be exploited remotely by supplying a malicious file to the system that processes MFER data via libbiosig. The CVSS v3.1 score of 9.8 reflects the critical nature, with network attack vector, low attack complexity, no privileges required, and no user interaction needed. The impact includes full compromise of confidentiality, integrity, and availability of affected systems. While no public exploits are known yet, the vulnerability is severe due to the common use of libbiosig in biomedical and biometric applications, which often handle sensitive personal data. The lack of an available patch at the time of disclosure increases the urgency for defensive measures.

For European organizations, the impact of CVE-2025-66043 is significant, especially in sectors relying on biosignal processing such as healthcare, biomedical research, and biometric security systems. Exploitation could lead to full system compromise, data breaches involving sensitive biometric or medical data, disruption of critical healthcare services, and potential manipulation of biometric authentication systems. This could result in regulatory penalties under GDPR due to exposure of personal health information, reputational damage, and operational downtime. The ability to execute arbitrary code remotely without authentication increases the risk of widespread exploitation if malicious actors target these environments. Organizations integrating libbiosig into medical devices, research tools, or biometric authentication platforms are particularly vulnerable.

1. Monitor official channels of The Biosig Project for patches or updates addressing CVE-2025-66043 and apply them immediately once available. 2. Until a patch is released, implement strict input validation and sanitization to block or quarantine MFER files from untrusted sources. 3. Employ application-layer sandboxing or containerization for software components that process MFER files to limit the impact of potential exploitation. 4. Use network-level controls to restrict access to services that handle MFER files, limiting exposure to untrusted networks. 5. Conduct thorough code audits and penetration testing on applications using libbiosig to identify and mitigate similar vulnerabilities. 6. Implement runtime protections such as stack canaries, ASLR, and DEP to reduce exploitation success. 7. Increase monitoring and logging for anomalies related to MFER file processing to detect exploitation attempts early. 8. Educate staff about the risks of processing untrusted biosignal files and enforce strict file handling policies.