Description
OpenSC is an open source set of smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time a user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires a crafted USB device or smart card that presents the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0.
Published: 2026-03-30
Score: 3.8 Low
EPSS: < 1% Very Low
KEV: No
Impact: Stack buffer overflow that can lead to local code execution or denial of service
Action: Apply patch
AI Analysis

Impact

The vulnerability is a stack‑buffer‑overflow WRITE in the card‑oberthur driver of OpenSC. When a token or smart card returns specially crafted APDU responses, the driver writes beyond the bounds of a local stack buffer, which can corrupt the control flow of the application using the token. The weakness is classified as CWE‑120 and CWE‑121, and the CVSS score of 3.8 (AV:P, physical access required) indicates that exploitation would at most yield local privilege escalation or a denial of service rather than remote compromise.

Affected Systems

The affected product is the OpenSC open‑source smart card toolkit. All versions prior to 0.27.0 are vulnerable. The fix ships in OpenSC 0.27.0 and later, which bounds the buffer copy that triggers the overflow.

Risk and Exploitability

The CVSS score of 3.8, combined with an EPSS below 1% and absence from the CISA KEV catalog, suggests a low‑to‑moderate risk for environments in which an attacker cannot gain physical access to the machine while a token is in use. Exploitation requires the attacker to be physically at the computer and to present a malicious USB device or smart card to OpenSC. Organizations with strict physical controls may rate the risk lower, but the vulnerability is only fully mitigated by applying the official patch, which removes the overflow entirely.

Generated by OpenCVE AI on April 2, 2026 at 02:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OpenSC to version 0.27.0 or later

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Opensc
                                      Opensc opensc
Vendors & Products                    Opensc
                                      Opensc opensc

Wed, 01 Apr 2026 23:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Opensc Project
                                      Opensc Project opensc
CPEs                                  cpe:2.3:a:opensc_project:opensc:*:*:*:*:*:*:*:*
Vendors & Products                    Opensc Project
                                      Opensc Project opensc

Tue, 31 Mar 2026 19:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc
                           {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 31 Mar 2026 03:00:00 +0000

Type        Values Removed    Values Added
Weaknesses                    CWE-120
References
Metrics     threat_severity   threat_severity
            None              Low


Mon, 30 Mar 2026 17:30:00 +0000

Type         Values Removed   Values Added
Description                   OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow WRITE in card-oberthur. The attack requires crafted USB device or smart card that would present the system with specially crafted responses to the APDUs. This issue has been patched in version 0.27.0.
Title                         OpenSC: Stack-buffer-overflow WRITE in card-oberthur
Weaknesses                    CWE-121
References
Metrics                       cvssV3_1
                              {'score': 3.8, 'vector': 'CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-31T18:53:46.404Z

Reserved: 2025-11-24T23:01:29.678Z

Link: CVE-2025-66215

Vulnrichment

Updated: 2026-03-31T18:50:37.583Z

NVD

Status : Analyzed

Published: 2026-03-30T18:16:18.350

Modified: 2026-04-01T17:28:49.457

Link: CVE-2025-66215

Redhat

Severity : Low

Public Date: 2026-03-30T17:06:16Z

Links: CVE-2025-66215 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-03T09:11:12Z

Weaknesses