{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-69808", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-16T19:52:03.880Z", "dateReserved": "2026-01-09T00:00:00.000Z", "datePublished": "2026-03-16T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-16T18:37:12.746Z"}, "descriptions": [{"lang": "en", "value": "An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/p2r3/bareiron/"}, {"url": "https://github.com/vmpr0be/bareiron-vr/blob/main/CVE-2025-69808.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T19:50:45.601419Z", "id": "CVE-2025-69808", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T19:52:03.880Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-69808", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T19:50:45.601419Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T19:51:32.588Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/p2r3/bareiron/"}, {"url": "https://github.com/vmpr0be/bareiron-vr/blob/main/CVE-2025-69808.md"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-16T18:37:12.746Z"}}}, "cveMetadata": {"cveId": "CVE-2025-69808", "state": "PUBLISHED", "dateUpdated": "2026-03-16T19:52:03.880Z", "dateReserved": "2026-01-09T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-16T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:p2r3:bareiron:2025-09-16:*:*:*:*:*:*:*", "matchCriteriaId": "44DB8E6D-705C-45AA-B014-C2911724CF92", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet."}, {"lang": "es", "value": "Un acceso a memoria fuera de l\u00edmites (OOB) en p2r3 Bareiron commit 8e4d40 permite a atacantes no autenticados acceder a informaci\u00f3n sensible y causar una denegaci\u00f3n de servicio (DoS) mediante el suministro de un paquete manipulado."}], "id": "CVE-2025-69808", "lastModified": "2026-04-27T18:41:00.170", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-16T19:16:14.850", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/p2r3/bareiron/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://github.com/vmpr0be/bareiron-vr/blob/main/CVE-2025-69808.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "8e4d40"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "bareiron", "vendor": "p2r3"}], "analysis": {"en": {"generated_at": "2026-03-16T22:57:19.708323+00:00", "value": {"mitigation_remediation": ["Update p2r3 Bareiron to a version that does not include commit 8e4d40.", "If an update is unavailable, isolate the service from untrusted networks.", "Apply any vendor\u2011supplied patches or security updates as soon as they become available."], "summary": {"action": "Immediate Patch", "impact": "Information Disclosure and Denial of Service"}, "threat_synthesis": {"affected_systems": "Affected product: p2r3 Bareiron. The vulnerability exists in commit 8e4d40; any release that incorporates this commit is impacted, with no specific version range listed.", "description_and_impact": "An out\u2011of\u2011bounds memory access in the p2r3 Bareiron project allows an unauthenticated attacker to supply crafted packets that trigger the vulnerability, resulting in reading sensitive memory contents outside the intended buffer and causing a denial of service when the application becomes unresponsive. This weakness corresponds to CWE\u2011125 (Out\u2011of\u2011Bounds Read).", "risk_and_exploitability": "The CVSS score is 9.1, indicating a high severity threat. EPSS is not available and the vulnerability is not listed in the KEV catalog. Exploitation does not require authentication and is likely achieved over the network by sending a specially crafted packet to the affected component. No patches or workarounds are publicly documented, so attackers could exploit this flaw on any exposed instance of the component."}}}}, "created": "2026-03-17T09:55:35.607734+00:00", "title": "Unauthenticated Out\u2011of\u2011Bounds Memory Access in p2r3 Bareiron Leading to Information Disclosure and DoS", "updated": "2026-03-23T14:00:59.173823+00:00", "vendors": ["p2r3", "p2r3$PRODUCT$bareiron"]}