CVE-2025-70968 identifies a Use After Free (UAF) vulnerability in FreeImage version 3.18.0, specifically within the loadRLE() function of the PluginTARGA.cpp source file. FreeImage is an open-source library widely used for image processing, supporting multiple image formats including TARGA (TGA). The vulnerability arises when the library improperly manages memory during the loading of RLE (Run-Length Encoded) compressed TARGA images, leading to a Use After Free condition. This means that after a memory region is freed, the program continues to use the pointer referencing that memory, which can result in memory corruption. An attacker can craft a malicious TARGA image file that triggers this flaw when processed by an application using the vulnerable FreeImage version. Exploitation could allow arbitrary code execution, enabling attackers to run malicious code within the context of the affected application, or cause a denial of service by crashing the application. No public exploits or patches have been reported at the time of publication, and no CVSS score has been assigned. The vulnerability does not require authentication but does require the victim to process a maliciously crafted image file, implying user interaction or automated processing of untrusted images. The lack of a CVSS score necessitates an assessment based on impact and exploitability factors.

For European organizations, the impact of CVE-2025-70968 can be significant, especially for those relying on FreeImage 3.18.0 in their software stacks for image processing, media editing, or automated image handling workflows. Successful exploitation could lead to remote code execution, allowing attackers to compromise confidentiality, integrity, and availability of affected systems. This could result in data breaches, unauthorized access, or disruption of services. Industries such as media production, digital forensics, software development, and any sector using image processing tools that embed FreeImage are at risk. The vulnerability could be leveraged to target endpoints processing untrusted image files, including web services, desktop applications, or automated pipelines. Given the lack of known exploits, the immediate risk is moderate, but the potential for future exploitation exists. The absence of patches increases exposure until mitigations or updates are applied.

1. Monitor for official patches or updates from the FreeImage project and apply them promptly once available. 2. If no patch is available, consider upgrading to a later, unaffected version of FreeImage or replacing the library with an alternative image processing library. 3. Implement strict input validation and sanitization for all image files, especially TARGA files with RLE compression, to detect and block malformed or suspicious files. 4. Employ sandboxing or containerization for applications processing untrusted images to limit the impact of potential exploitation. 5. Use runtime protections such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and Control Flow Guard (CFG) to mitigate exploitation attempts. 6. Conduct code audits and fuzz testing on image processing components to identify similar vulnerabilities proactively. 7. Educate developers and system administrators about the risks of processing untrusted image files and enforce policies restricting such processing where possible.