{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T23:20:28.876","vulnerabilities":[{"cve":{"id":"CVE-2025-32743","sourceIdentifier":"cve@mitre.org","published":"2025-04-10T14:15:29.740","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations."},{"lang":"es","value":"En ConnMan hasta la versión 1.44, la cadena de búsqueda en ns_resolv en dnsproxy.c puede ser NULL o una cadena vacía cuando el bit TC (truncado) está configurado en una respuesta DNS. Esto permite a los atacantes provocar una denegación de servicio (bloqueo de la aplicación) o posiblemente ejecutar código arbitrario, porque esos valores de búsqueda conducen a cálculos de longitud incorrectos y operaciones de memcpy incorrectas."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-392"}]}],"references":[{"url":"https://lapis-sawfish-be3.notion.site/0-click-Vulnerability-in-Comman-1-43_v3-1cadc00d01d080b0b3b9c46a6da584cc","source":"cve@mitre.org"},{"url":"https://web.git.kernel.org/pub/scm/network/connman/connman.git/tree/src/dnsproxy.c?h=1.44#n1688","source":"cve@mitre.org"}]}}]}