CVE-2025-69419 Overview
CVE-2025-69419 is an out-of-bounds write vulnerability [CWE-787] in OpenSSL's PKCS12_get_friendlyname() function. The flaw resides in the bmp_to_utf8() helper used during PKCS#12 BMPString (UTF-16BE) to UTF-8 conversion. When parsing an attacker-controlled PKCS#12 file containing a friendly name with non-ASCII BMP code points above U+07FF, the function writes a single NUL byte before the allocated heap buffer. The defect affects OpenSSL versions 3.6, 3.5, 3.4, 3.3, 3.0, and 1.1.1. OpenSSL 1.0.2 and the FIPS modules in supported 3.x branches are not affected.
Critical Impact
Applications calling PKCS12_get_friendlyname() on untrusted PKCS#12 files can experience heap memory corruption leading to denial of service.
Affected Products
- OpenSSL 3.6, 3.5, 3.4, 3.3, and 3.0 branches
- OpenSSL 1.1.1
- Siemens products bundling vulnerable OpenSSL builds (see Siemens advisory SSA-265688)
Discovery Timeline
- 2026-01-27 - OpenSSL publishes security advisory 20260127.txt and commits fixes
- 2026-01-27 - CVE-2025-69419 published to NVD
- 2026-05-12 - Last updated in NVD database
Technical Details for CVE-2025-69419
Vulnerability Analysis
The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString to UTF-8. In the emission pass, the helper bmp_to_utf8() forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). BMP code points above U+07FF require three UTF-8 bytes, but the forwarded capacity can be only two bytes.
When capacity is insufficient, UTF8_putc() returns -1. The calling code adds this negative value to the running output length without validation, causing the length to become negative. The subsequent trailing NUL byte is written at a negative offset, landing one byte before the heap allocation.
The issue is reachable through the public PKCS12_get_friendlyname() API when an application parses an attacker-supplied PKCS#12 file. PKCS12_parse() takes a different code path and is unaffected.
Root Cause
The root cause is improper boundary handling between two conversion stages. The byte count passed to UTF8_putc() represents source bytes remaining rather than destination bytes available. Combined with the missing check of the negative return value, the bug lets an attacker-supplied input force a write at a negative index into a heap buffer.
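To make the arithmetic in the Vulnerability Analysis and Root Cause paragraphs concrete, here is a small C model of the emission pass, added for this note and not OpenSSL's code: utf8_putc stands in for UTF8_putc, the vulnerable variant forwards the source bytes remaining as the capacity and adds a -1 result unchecked (it returns the offset at which the NUL would land instead of storing it), and the fixed variant forwards the destination bytes remaining and rejects a negative result. The function names and the sample friendly names are constructed for the example.

```c
#include <string.h>
/* Model of the BMPString (UTF-16BE) -> UTF-8 emission loop, written for this
 * note and not OpenSSL's code. Surrogate pairs are left out, so inputs stay in the BMP. */
/* Stand-in for UTF8_putc: -1 when cap is too small, else the bytes written. */
static int utf8_putc(unsigned char *str, int cap, unsigned long cp)
{
    static const unsigned char lead[] = { 0x00, 0xC0, 0xE0 };
    int i, need = cp < 0x80 ? 1 : cp < 0x800 ? 2 : 3;
    if (cap < need)
        return -1;
    for (i = need - 1; i > 0; i--, cp >>= 6)        /* continuation bytes, last first */
        str[i] = (unsigned char)(0x80 | (cp & 0x3F));
    str[0] = (unsigned char)(lead[need - 1] | cp);
    return need;
}

/* Vulnerable shape of the emission pass: the capacity handed on is the SOURCE
 * bytes still unread and a -1 result is added unchecked. Returns the offset the
 * trailing NUL would land at instead of storing it; -1 is the advisory's underflow. */
int nul_offset_vulnerable(const unsigned char *uni, int unilen, unsigned char *out)
{
    int asclen = 0, i;
    for (i = 0; i + 1 < unilen; i += 2)
        asclen += utf8_putc(out + asclen, unilen - i,
                            ((unsigned long)uni[i] << 8) | uni[i + 1]);
    return asclen;
}

/* Hardened shape (what the fix does): hand on the DESTINATION bytes still free
 * and stop on a negative result. Returns the UTF-8 length written (NUL appended)
 * or -1 on an odd-length input or a capacity failure. */
int bmp_to_utf8_fixed(const unsigned char *uni, int unilen, unsigned char *out, int cap)
{
    int asclen = 0, i, j;
    if (unilen & 1)
        return -1;
    for (i = 0; i < unilen; i += 2) {
        j = utf8_putc(out + asclen, cap - 1 - asclen,    /* keep room for the NUL */
                      ((unsigned long)uni[i] << 8) | uni[i + 1]);
        if (j < 0)
            return -1;                                   /* never add -1 to a length */
        asclen += j;
    }
    out[asclen] = '\0';
    return asclen;
}
/* Constructed friendly names (UTF-16BE, no terminating NUL) used by the checks. */
const unsigned char FN_ONE_CJK[] = { 0x4E, 0x2D };                  /* U+4E2D */
const unsigned char FN_ASCII_THEN_CJK[] = { 0x00, 'A', 0x4E, 0x2D };
```

In this model the single-character name FN_ONE_CJK drives the vulnerable loop to offset -1 (the NUL lands before the buffer), while FN_ASCII_THEN_CJK yields offset 0, so a longer name is silently truncated rather than written out of bounds; the fixed variant produces the correct UTF-8 for both and refuses a too-small destination.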
Attack Vector
An attacker delivers a crafted PKCS#12 file containing a BMPString friendly name with non-ASCII BMP characters. When a target application invokes PKCS12_get_friendlyname() on the file, OpenSSL writes a zero byte immediately before the destination heap allocation. Whether that corruption goes unnoticed or crashes the process (denial of service) depends on what sits immediately before the allocation in the heap.
The vulnerability requires no authentication and can be triggered remotely if the parsing application accepts PKCS#12 files from network sources. Exploitation complexity is elevated because the write is constrained to a single NUL byte at a fixed negative offset.
Detection Methods for CVE-2025-69419
Indicators of Compromise
- Unexpected crashes or heap corruption errors in processes that parse PKCS#12 (.p12, .pfx) files using OpenSSL
- Receipt of PKCS#12 files containing BMPString friendly name attributes with UTF-16BE code points above U+07FF from untrusted sources
- Application logs showing aborts inside OPENSSL_uni2utf8, bmp_to_utf8, or PKCS12_get_friendlyname
Detection Strategies
- Inventory installed OpenSSL versions across endpoints and servers, flagging any in the 1.1.1, 3.0, 3.3, 3.4, 3.5, or 3.6 branches prior to the fixed releases
- Inspect inbound PKCS#12 artifacts for oversized or unusual BMPString friendly name attributes containing characters above U+07FF
- Apply heap protections (ASan, hardened allocators) in development and test environments to surface the one-byte underflow during fuzzing
Monitoring Recommendations
- Monitor application crash telemetry for repeated faults in code paths that invoke PKCS12_get_friendlyname()
- Alert on receipt of PKCS#12 files from external email gateways, file shares, or web uploads where the parsing service has not been patched
- Track third-party software bills of materials (SBOMs) for embedded OpenSSL components matching the affected version ranges
How to Mitigate CVE-2025-69419
Immediate Actions Required
- Upgrade OpenSSL to the fixed releases announced in the OpenSSL Security Advisory for the 3.6, 3.5, 3.4, 3.3, 3.0, and 1.1.1 branches
- Rebuild and redeploy applications statically linked against vulnerable OpenSSL versions
- Review applications for direct callers of PKCS12_get_friendlyname() and prefer PKCS12_parse() where feasible until patches are applied
Patch Information
OpenSSL released fixes in the upstream commits 41be0f21, 7e9cac98, a26a90d3, cda12de3, and ff628933. The fix validates the return value from UTF8_putc() and forwards the correct destination buffer capacity. Siemens customers should consult Siemens Security Advisory SSA-265688 for product-specific updates.
Workarounds
- Avoid calling PKCS12_get_friendlyname() on PKCS#12 files received from untrusted parties; use PKCS12_parse() paths instead
- Restrict applications that accept PKCS#12 uploads to authenticated, trusted users until patches are deployed
- Pre-validate PKCS#12 friendly name attributes for unusual BMPString content before passing files to OpenSSL parsing routines
# Verify the installed OpenSSL version on Linux hosts
openssl version -a
# Example package update commands
sudo apt-get update && sudo apt-get install --only-upgrade openssl libssl3
sudo dnf update openssl openssl-libs
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.