CVE-2025-8534 is a vulnerability identified in libtiff version 4.6.0, specifically within the tiff2ps component's PS_Lvl2page function located in the tools/tiff2ps.c source file. The issue arises due to a null pointer dereference triggered under certain conditions, notably when the DEFER_STRILE_LOAD option is enabled or when TIFFOpen is called with the "rD" mode. This vulnerability can be exploited locally, meaning an attacker must have some level of access to the host system to trigger the fault. The attack complexity is considered high, and exploitation is difficult, which reduces the likelihood of widespread exploitation. The vulnerability does not require user interaction and does not affect confidentiality, integrity, or availability beyond causing a denial of service through application crash or unexpected termination. The CVSS 4.0 base score is 2 (low severity), reflecting the limited impact and exploitation difficulty. A patch identified by commit 6ba36f159fd396ad11bf6b7874554197736ecc8b has been released to address this issue. No known exploits are currently active in the wild. The vulnerability primarily affects environments where libtiff 4.6.0 is used with the specific deferred loading or TIFFOpen "rD" options, which may be uncommon in typical deployments.

For European organizations, the impact of this vulnerability is generally low due to its limited scope and exploitation complexity. The vulnerability could cause denial of service on local systems running vulnerable libtiff versions with the specific configurations, potentially disrupting applications that rely on tiff2ps for TIFF to PostScript conversion. This might affect workflows in industries such as publishing, printing, or graphic design where TIFF image processing is common. However, since exploitation requires local access and specific configuration, the risk of remote attacks or widespread disruption is minimal. Organizations with automated image processing pipelines or internal tools using libtiff 4.6.0 with the affected options should be aware of potential service interruptions. The vulnerability does not lead to data breaches or privilege escalation, limiting its impact on confidentiality and integrity.

European organizations should prioritize patching libtiff installations to versions beyond 4.6.0 where this vulnerability is fixed, applying the patch identified by commit 6ba36f159fd396ad11bf6b7874554197736ecc8b. It is important to audit systems to identify where libtiff 4.6.0 is deployed, especially in environments using the tiff2ps tool or TIFFOpen with the "rD" mode or DEFER_STRILE_LOAD enabled. If upgrading or patching is not immediately feasible, organizations should consider disabling the DEFER_STRILE_LOAD option and avoid using TIFFOpen with the "rD" mode to mitigate the risk. Additionally, restricting local access to trusted users and monitoring for abnormal application crashes related to tiff2ps can help detect exploitation attempts. Incorporating libtiff vulnerability checks into regular vulnerability management and software inventory processes will ensure timely detection and remediation.