CVE-2025-9341: CWE-400 Uncontrolled Resource Consumption in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules), Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java, org/bouncycastle/crypto/engines/AESNativeCBC.Java. This issue affects Bouncy Castle for Java FIPS: from BC-FJA 2.1.0 through 2.1.0; Bouncy Castle for Java LTS: from BC-LTS 2.73.0 through 2.73.7.
AI Analysis
Technical Summary
CVE-2025-9341 is a medium severity vulnerability classified under CWE-400, indicating uncontrolled resource consumption within the Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS library. Specifically, this vulnerability affects the AESNativeCBC implementation in the Bouncy Castle for Java FIPS (bc-fips) and Long-Term Support (LTS) versions (bcprov-lts8on). The affected versions include BC-FJA 2.1.0 and BC-LTS versions from 2.73.0 through 2.73.7. The vulnerability allows an attacker to trigger excessive memory allocation during cryptographic operations, leading to potential denial of service (DoS) conditions due to resource exhaustion. The issue arises from improper handling of input or internal state in the AESNativeCBC Java classes, which are responsible for AES encryption in CBC mode under FIPS compliance. The CVSS 4.0 base score is 5.9 (medium), reflecting that exploitation requires local access (AV:L), low attack complexity (AC:L), no privileges (PR:N), no user interaction (UI:N), and partial impact on availability (VA:H) and confidentiality (VC). The vulnerability does not require authentication and does not affect integrity or availability beyond resource exhaustion. No known exploits are currently in the wild, and no patches have been linked yet. This vulnerability is significant because Bouncy Castle is widely used as a cryptographic provider in Java applications, including enterprise and government software requiring FIPS compliance. An attacker with local access to a system running affected versions could cause service degradation or crashes by triggering excessive resource consumption during cryptographic operations.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems that rely on the Bouncy Castle Java FIPS provider for cryptographic functions, especially those handling sensitive or regulated data under GDPR and other compliance regimes. The uncontrolled resource consumption could lead to denial of service, impacting availability of critical applications such as secure communications, identity management, and data encryption services. This is particularly concerning for sectors like finance, healthcare, and government agencies that often mandate FIPS-compliant cryptography. The vulnerability requires local access, so the threat vector is limited to insiders or attackers who have already compromised a system to some extent. However, once exploited, it could facilitate lateral movement or disruption of services. Given the widespread use of Java and Bouncy Castle in European enterprise environments, the potential for service outages or degraded performance could have operational and reputational consequences. Additionally, organizations subject to strict compliance may face regulatory scrutiny if they fail to address this vulnerability in a timely manner.
Mitigation Recommendations
1. Immediate mitigation involves upgrading to a patched version of Bouncy Castle for Java FIPS and LTS once available from the vendor. Monitor official Legion of the Bouncy Castle Inc. channels for patch releases.
2. Until patches are available, restrict local access to systems running affected versions to trusted personnel only, minimizing the risk of exploitation.
3. Implement resource usage monitoring and alerting on critical systems to detect abnormal memory or CPU consumption patterns indicative of exploitation attempts.
4. Employ application-level input validation and limit the size or complexity of cryptographic operations where feasible to reduce the risk of triggering excessive allocations.
5. Review and harden system access controls, including privilege separation and sandboxing of Java applications using Bouncy Castle to contain potential DoS impacts.
6. Conduct thorough inventory and audit of Java applications using Bouncy Castle FIPS providers to identify and prioritize remediation efforts.
7. Engage with software vendors and internal development teams to ensure cryptographic libraries are updated promptly and tested for stability post-patch.
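For the inventory step (item 6), the following added example, which is not code from this advisory or from Bouncy Castle, flags jars whose version falls inside the affected ranges stated in the description. It assumes jars keep the Maven artifactId-version.jar file name; the sample paths are constructed.

```python
import re
from pathlib import Path

# Affected ranges as stated in the advisory (inclusive on both ends).
AFFECTED = {
    "bc-fips": ((2, 1, 0), (2, 1, 0)),          # BC-FJA 2.1.0 through 2.1.0
    "bcprov-lts8on": ((2, 73, 0), (2, 73, 7)),  # BC-LTS 2.73.0 through 2.73.7
}

# Assumption: jars are named "<artifactId>-<version>.jar" (Maven convention).
JAR_RE = re.compile(r"^(bc-fips|bcprov-lts8on)-(\d+(?:\.\d+)*)\.jar$")

# Constructed sample paths, for illustration only.
SAMPLE = [
    "/opt/app/lib/bc-fips-2.1.0.jar",          # inside the BC-FJA range
    "/opt/app/lib/bc-fips-2.0.0.jar",          # outside the range
    "/srv/svc/lib/bcprov-lts8on-2.73.7.jar",   # upper bound of the BC-LTS range
    "/srv/svc/lib/bcprov-lts8on-2.73.10.jar",  # 10 > 7 numerically, so outside
    "/srv/svc/lib/bcprov-jdk18on-1.78.jar",    # not an artifact named in the advisory
]

def parse_version(text):
    """Turn '2.73.10' into (2, 73, 10); pad to three parts so 2.1 == 2.1.0."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def classify(jar_name):
    """Return (artifact, version, affected) for a listed artifact, else None."""
    m = JAR_RE.match(jar_name)
    if not m:
        return None
    artifact, version = m.group(1), m.group(2)
    low, high = AFFECTED[artifact]
    return artifact, version, low <= parse_version(version) <= high

def scan(paths):
    """Classify every recognisable jar in an iterable of paths."""
    findings = []
    for p in paths:
        result = classify(Path(p).name)
        if result:
            findings.append((str(p), *result))
    return findings

if __name__ == "__main__":
    for path, artifact, version, affected in scan(SAMPLE):
        print(f"{'AFFECTED' if affected else 'ok':8} {artifact} {version}  {path}")
```

To scan a real installation, pass Path(root).rglob("*.jar") to scan(). Jars that were renamed or shaded into an application archive will not match by file name and need a separate check.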
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: bcorg
- Date Reserved: 2025-08-22T08:45:19.734Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 68a835bcad5a09ad001dc375
Added to database: 8/22/2025, 9:17:48 AM
Last enriched: 8/31/2025, 12:41:12 AM
Last updated: 10/7/2025, 1:34:40 PM