CVE-2025-7464 is a medium-severity vulnerability identified in the osrg GoBGP software, versions up to 3.37.0. GoBGP is an open-source implementation of the Border Gateway Protocol (BGP), widely used for routing decisions on the internet and within large enterprise networks. The vulnerability exists in the SplitRTR function within the pkg/packet/rtr/rtr.go source file. Specifically, it is an out-of-bounds read flaw, which occurs when the function improperly handles input data, allowing it to read memory beyond the intended buffer boundaries. This can lead to information disclosure or potentially cause the application to behave unpredictably. The vulnerability can be exploited remotely without authentication or user interaction, but the attack complexity is considered high and exploitability is difficult, indicating that a skilled attacker would be required to successfully leverage this flaw. No known exploits are currently reported in the wild. The issue was patched in commit e748f43496d74946d14fed85c776452e47b99d64. The CVSS 4.0 vector (AV:N/AC:H/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X) reflects a network attack vector with high complexity, no privileges or user interaction needed, no impact on confidentiality, integrity, or availability, and limited impact on availability (low). This suggests the primary risk is limited information leakage or minor disruption rather than full system compromise. Given GoBGP’s role in routing infrastructure, exploitation could potentially affect network stability or leak routing information if successfully triggered.

For European organizations, the impact of this vulnerability depends largely on their use of GoBGP in critical network infrastructure. Many ISPs, cloud providers, and large enterprises in Europe rely on BGP implementations for routing traffic across their networks. An out-of-bounds read vulnerability could allow attackers to glean sensitive routing information or cause instability in routing processes, potentially leading to degraded network performance or outages. While the vulnerability does not directly enable code execution or privilege escalation, any disruption in BGP routing can have cascading effects on network availability and reliability. European organizations with complex, large-scale networks or those operating internet exchange points (IXPs) are particularly at risk. Additionally, the high complexity and difficulty of exploitation reduce the likelihood of widespread attacks but do not eliminate targeted attacks against high-value infrastructure. The lack of known exploits in the wild currently limits immediate risk, but proactive patching is critical to prevent future exploitation attempts.

European organizations should prioritize applying the official patch identified by commit e748f43496d74946d14fed85c776452e47b99d64 to all affected GoBGP instances. Network administrators should audit their environments to identify all GoBGP deployments, including embedded systems and network appliances that may use GoBGP internally. Implement strict input validation and monitoring on BGP sessions to detect anomalous or malformed packets that could trigger the vulnerability. Employ network segmentation and access controls to limit exposure of BGP routers to untrusted networks, reducing the attack surface. Regularly update and patch routing software as part of a robust vulnerability management program. Additionally, monitoring network traffic for unusual routing updates or instability can help detect exploitation attempts early. Given the high complexity of exploitation, investing in threat intelligence and anomaly detection focused on BGP behavior is recommended to enhance detection capabilities.