CVE-2025-27363

Published Mar 11, 2025

Last updated a day ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-27363 is an out-of-bounds write in FreeType 2.13.0 and earlier (fixed in 2.13.1 and later), reached when parsing the subglyph structures of TrueType GX and variable fonts. The vulnerable code assigns a signed short to an unsigned long and then adds a small constant. When the short is negative, sign extension leaves the unsigned value just below the type's maximum, so the addition wraps around to a small number and the heap buffer allocated from that count is too small. The code then writes up to 6 signed long integers past the end of the undersized buffer, which can lead to arbitrary code execution. The vulnerability has been reported as possibly exploited in the wild. Distributions often backport the fix without changing the upstream version string, so check the distribution's advisory rather than the reported FreeType version alone.

Description
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
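The integer arithmetic behind that description, as an added example that models the bug class rather than reproducing FreeType's code: the function names, the constant EXTRA_ENTRIES and the writer model are hypothetical, and the code only computes how far a write would run past the undersized buffer, it never performs the out-of-bounds write.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example modelling the integer-wrap pattern in the advisory. This is
 * not FreeType's code and every name below is hypothetical. A 16-bit count
 * from an untrusted font lands in a signed short, is widened to unsigned
 * long, and a fixed number of extra entries is added before allocating. */

#define EXTRA_ENTRIES 4UL   /* hypothetical "static value" added to the count */

/* Step 1: the count field is 16 bits wide in the file, but the code keeps
 * it in a signed short, so any value >= 32768 becomes negative. */
short truncate_to_short(uint16_t raw_count)
{
    return (short)raw_count;    /* 65534 becomes -2 on two's complement targets */
}

/* Step 2 (vulnerable): a negative short sign-extends to a value just below
 * ULONG_MAX, so adding a small constant wraps around to a tiny count. The
 * result is the same for a 32-bit or a 64-bit unsigned long. */
unsigned long vulnerable_alloc_count(short limit)
{
    unsigned long count = (unsigned long)limit;   /* -2 -> ULONG_MAX - 1 */
    count += EXTRA_ENTRIES;                       /* ... -> 2 after the wrap */
    return count;
}

/* Step 3: a writer that always emits the EXTRA_ENTRIES trailing entries
 * (plus one per entry for a non-negative `limit`) then runs off the end of
 * a buffer sized by vulnerable_alloc_count(). This only computes the
 * overrun in elements; it never performs the out-of-bounds write. */
unsigned long vulnerable_oob_entries(short limit)
{
    unsigned long allocated = vulnerable_alloc_count(limit);
    unsigned long written   = (limit > 0 ? (unsigned long)limit : 0UL) + EXTRA_ENTRIES;
    return written > allocated ? written - allocated : 0UL;
}

/* Hardened variant: keep the count unsigned from the file format onwards
 * (a uint16_t plus a small constant cannot wrap in size_t) and check the
 * multiplication by the element size before calling the allocator.
 * Returns the byte size to allocate, or 0 when the request is rejected. */
size_t safe_alloc_bytes(uint16_t raw_count, size_t elem_size)
{
    size_t count = (size_t)raw_count + EXTRA_ENTRIES;   /* at most 65535 + 4 */
    if (elem_size == 0 || count > SIZE_MAX / elem_size)
        return 0;                                        /* would overflow size_t */
    return count * elem_size;
}

int main(void)
{
    uint16_t raw   = 65534;                 /* constructed hostile count */
    short    limit = truncate_to_short(raw);

    printf("raw=%u short=%d vulnerable alloc=%lu elements, %lu written past the end\n",
           (unsigned)raw, limit, vulnerable_alloc_count(limit),
           vulnerable_oob_entries(limit));

    size_t bytes = safe_alloc_bytes(raw, sizeof(long));
    printf("hardened: %zu bytes for %u + %lu entries\n", bytes, (unsigned)raw, EXTRA_ENTRIES);

    long *buf = bytes ? malloc(bytes) : NULL;
    if (!buf) {
        fputs("allocation rejected or failed\n", stderr);
        return 1;
    }
    free(buf);
    return 0;
}
```

Compile with a plain `cc` and run: the hostile count 65534 becomes -2, the vulnerable allocation size wraps to 2 elements while the writer still emits 4, and the hardened path asks for 65538 elements instead. The point to carry over to code review is that the dangerous step is the sign change at the narrow type, not the addition; once a file-controlled count is unsigned and bounded, adding a constant and multiplying by the element size are easy to check.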
Source
cve-assign@fb.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
8.1
Impact score
5.9
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH
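To check the three numbers above against the vector string, here is an added CVSS v3.1 base-score calculator (not part of this page or of NVD's tooling); it follows the equations in section 7.1 of the v3.1 specification and also covers scope-changed vectors, which this CVE does not use.

```c
#include <stdio.h>
#include <string.h>

/* Added example: recomputes a CVSS v3.1 base score from a vector string
 * (spec section 7.1). Avoids libm so it builds with a plain `cc`. */

typedef struct {
    int    ok;              /* 0 if the vector was malformed */
    double impact;          /* unrounded impact sub-score */
    double exploitability;  /* unrounded exploitability sub-score */
    double base;            /* rounded-up base score */
} cvss31_score;

/* Roundup from spec appendix A: smallest one-decimal value >= x, done on
 * integers so that e.g. 4.000000001 still rounds to 4.0 rather than 4.1. */
static double cvss31_roundup(double x)
{
    long long int_input = (long long)(x * 100000.0 + 0.5);   /* x >= 0 here */
    if (int_input % 10000 == 0)
        return int_input / 100000.0;
    return (double)(int_input / 10000 + 1) / 10.0;
}

/* Metric weights from spec table 8 (scope-dependent ones take the flag). */
static double weight_av(char v)
{
    switch (v) { case 'N': return 0.85; case 'A': return 0.62;
                 case 'L': return 0.55; case 'P': return 0.20; }
    return -1.0;
}
static double weight_ac(char v)  { return v == 'L' ? 0.77 : v == 'H' ? 0.44 : -1.0; }
static double weight_ui(char v)  { return v == 'N' ? 0.85 : v == 'R' ? 0.62 : -1.0; }
static double weight_cia(char v) { return v == 'H' ? 0.56 : v == 'L' ? 0.22 : v == 'N' ? 0.0 : -1.0; }
static double weight_pr(char v, int scope_changed)
{
    if (v == 'N') return 0.85;
    if (v == 'L') return scope_changed ? 0.68 : 0.62;
    if (v == 'H') return scope_changed ? 0.50 : 0.27;
    return -1.0;
}
static double pow_int(double b, int e) { double r = 1.0; while (e-- > 0) r *= b; return r; }

cvss31_score cvss31_from_vector(const char *vec)
{
    cvss31_score s = { 0, 0.0, 0.0, 0.0 };
    char av = 0, ac = 0, pr = 0, ui = 0, sc = 0, c = 0, i = 0, a = 0;

    if (strncmp(vec, "CVSS:3.1/", 9) != 0)
        return s;
    for (const char *p = vec + 9; *p; ) {             /* walk KEY:V segments */
        const char *colon = strchr(p, ':');
        if (!colon || colon[1] == '\0')
            return s;
        size_t klen = (size_t)(colon - p);
        char   val  = colon[1];
        if      (klen == 2 && !strncmp(p, "AV", 2)) av = val;
        else if (klen == 2 && !strncmp(p, "AC", 2)) ac = val;
        else if (klen == 2 && !strncmp(p, "PR", 2)) pr = val;
        else if (klen == 2 && !strncmp(p, "UI", 2)) ui = val;
        else if (klen == 1 && *p == 'S') sc = val;
        else if (klen == 1 && *p == 'C') c  = val;
        else if (klen == 1 && *p == 'I') i  = val;
        else if (klen == 1 && *p == 'A') a  = val;
        /* temporal and environmental metrics do not affect the base score */
        p = colon + 2;
        if (*p == '/') p++;
        else if (*p)   return s;                      /* values are single letters */
    }
    if (sc != 'U' && sc != 'C')
        return s;
    int changed = (sc == 'C');
    double wav = weight_av(av), wac = weight_ac(ac), wpr = weight_pr(pr, changed),
           wui = weight_ui(ui), wc = weight_cia(c), wi = weight_cia(i), wa = weight_cia(a);
    if (wav < 0 || wac < 0 || wpr < 0 || wui < 0 || wc < 0 || wi < 0 || wa < 0)
        return s;

    double iss = 1.0 - (1.0 - wc) * (1.0 - wi) * (1.0 - wa);
    s.impact = changed ? 7.52 * (iss - 0.029) - 3.25 * pow_int(iss - 0.02, 15)
                       : 6.42 * iss;
    s.exploitability = 8.22 * wav * wac * wpr * wui;
    if (s.impact <= 0.0) {
        s.base = 0.0;
    } else {
        double sum = changed ? 1.08 * (s.impact + s.exploitability)
                             : s.impact + s.exploitability;
        s.base = cvss31_roundup(sum < 10.0 ? sum : 10.0);
    }
    s.ok = 1;
    return s;
}

/* tolerance compare so callers do not need libm's fabs() */
int cvss31_near(double x, double y, double tol) { double d = x - y; return d < tol && d > -tol; }

int main(void)
{
    const char *vec = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H";   /* vector from this page */
    cvss31_score s = cvss31_from_vector(vec);
    printf("%s\n impact=%.4f exploitability=%.4f base=%.1f\n",
           vec, s.impact, s.exploitability, s.base);
    return s.ok ? 0 : 1;
}
```

Running it on the vector above gives an impact sub-score of 5.873 and an exploitability sub-score of 2.221, which NVD displays rounded to 5.9 and 2.2; their sum, 8.094, is rounded up to the 8.1 base score. The AC:H component (weight 0.44 instead of 0.77) is what keeps a network-reachable, no-privilege, no-interaction bug with full C/I/A impact below the 9.8 it would score with AC:L.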

Known exploits

Data from CISA

Vulnerability name
FreeType Out-of-Bounds Write Vulnerability
Exploit added on
May 6, 2025
Exploit action due
May 27, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

CWE-787: Out-of-bounds Write (assigned by source 134c704f-9b21-4f2e-91b3-4a467353bcc0)

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

5

  1. Google has released the May 2025 security updates for Android with fixes for 45 security flaws. Fixes include an actively exploited zero-click FreeType 2 code execution vulnerability tracked as CVE-2025-27363, a high-severity arbitrary code execution bug https://t.co/ujMQv6jVGl h
    @riskigy, 8 May 2025. 18 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  2. Google has released a new security update for Android that addresses 46 security vulnerabilities, including a critical vulnerability that has actually been exploited (CVE-2025-27363) ⚠️!! Updating your devices immediately is recommended to stay secure.
    @almutamayiz99_, 8 May 2025. 359 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  3. 📢 Google has released an update fixing the CVE-2025-27363 vulnerability on Android after attacks were detected #ThaiCERT #NCSA #CybersecurityNew Follow the news at https://t.co/HCsLrrY
    @ThaiCERTByNCSA, 8 May 2025. 11 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  4. Out of bounds write vulnerability in FreeType versions 2.13.0 and below (CVE-2025-27363) #CVE202527363 #CyberSecurity #FreeType #OutofBoundsWriteVulnerability https://t.co/1whSMRDlxG https://t.co/t8sTC5U8qD
    @SystemTek_UK, 8 May 2025. 37 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes.

  5. #threatreport #LowCompleteness Android's May 2025 Update Tackles CVE-2025-27363 & More Langflow & MagicINFO Exploited, Kibana at Risk | 07-05-2025 Source: https://t.co/TvKLF2hmm7 Key details below ↓ 💀Threats: Mirai, 🎯Victims: Android, Langflow, Samsung magicinfo,
    @rst_cloud, 8 May 2025. 60 impressions, 1 retweet, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  6. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 8 May 2025. 23 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  7. FreeType zero-day vulnerability (CVE-2025-27363) fixed in Android's regular update #セキュリティ対策Lab #セキュリティ #Security https://t.co/aIzkUWMa8D
    @securityLab_jp, 7 May 2025. 11 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  8. #TusksUp 🧵1/ URGENT: Android Zero-Day Exploited in the Wild Google just patched CVE-2025-27363 — a critical Android System flaw that's already being used by attackers. If you’re using an Android device, read this now. 👇
    @byte_lock, 7 May 2025. 63 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  9. 🔐 Android Users: Critical Security Update Released Google has rolled out the May 2025 Android security update, addressing 47 vulnerabilities, including an actively exploited zero-day flaw (CVE-2025-27363). This update is crucial for protecting your device against potential ht
    @Synergycorpp, 7 May 2025. 40 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  10. 🚨 One malicious font file could compromise your entire device and you’d never know Google just patched CVE-2025-27363 in its May 2025 Android security update. It’s a critical vulnerability already being exploited in the wild. https://t.co/mJfJQ7H5t8
    @efani, 7 May 2025. 316 impressions, 0 retweets, 1 like, 0 bookmarks, 1 reply, 0 quotes.

  11. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 7 May 2025. 28 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  12. Google's May 2025 Android Security Bulletin patches 46 vulnerabilities, including the active exploit CVE-2025-27363, a local code execution flaw. Timely updates are crucial for device security. 🔒 #Android #SecurityUpdate #USA https://t.co/6s4tw6tI6N
    @TweetThreatNews, 7 May 2025. 83 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes.

  13. Actively exploited #FreeType flaw fixed in #Android (#CVE-2025-27363) https://t.co/GxDrbyrbq9
    @ScyScan, 7 May 2025. 14 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  14. Google fixes FreeType flaw that was actively exploited on Android (CVE-2025-27363) https://t.co/rHkRyGTKHU #Security #セキュリティ #ニュース
    @SecureShield_, 7 May 2025. 33 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes.

  15. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-27363 #FreeType Out-of-Bounds Write Vulnerability https://t.co/0l3MQxdjQn
    @ScyScan, 6 May 2025. 4 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  16. 🚨 Android Alert! Google patches CVE-2025-27363, a critical FreeType vulnerability actively exploited in the wild. 🔧 Found by Facebook 📱 Affects millions of Android devices ⚠️ Update to May 2025 patch now! 🔗https://t.co/hzla5CXtGV #Android #CVE202527363 #CyberSecur
    @cybrhoodsentinl, 6 May 2025. 38 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  17. 🚨 Update your Android NOW! 🚨 Google fixes the actively exploited vulnerability CVE-2025-27363, which allows code execution without interaction. 📱 Affects FreeType on Android 13-15. Install the May 2025 patch (level 2025-05-05) to protect yourself. #AndroidSecurity
    @GeosbanysC, 6 May 2025. 30 impressions, 0 retweets, 2 likes, 0 bookmarks, 0 replies, 0 quotes.

  18. 🛡️ We added a FreeType out-of-bounds write vulnerability CVE-2025-27363 to our Known Exploited Vulnerabilities Catalog. Visit Redirect to https://t.co/bJOgGeWmb8 & apply mitigations to protect your org from cyberattacks. https://t.co/2nABOzt2eB
    @CISACyber, 6 May 2025. 5011 impressions, 15 retweets, 25 likes, 1 bookmark, 0 replies, 2 quotes.

  19. SunsetHost Hacker News Report: Google Addresses Critical Android Vulnerability CVE-2025-27363 in May 2025 Security Update https://t.co/FDqXtU2Nrb https://t.co/mj3RFfmlvw
    @DonELichterman, 6 May 2025. 27 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  20. 🚨 Google just fixed a major Android flaw! CVE-2025-27363 lets hackers run code without your action. 📲 Update your Android now! #CyberSecurity #HoplonInfosec #AndroidSecurity #Google #CVE202527363 #Android https://t.co/1LUshMXgyQ
    @HoplonInfosec, 6 May 2025. 40 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  21. 🚨 Android Flaw Exploited in the Wild - Google Urges Users to Update ASAP Google just released its May 2025 Android security update, patching 46 vulnerabilities - including one that’s already being actively exploited. 📌 The critical flaw: - CVE-2025-27363 (CVSS 8.1) - F
    @efani, 6 May 2025. 287 impressions, 1 retweet, 2 likes, 0 bookmarks, 1 reply, 0 quotes.

  22. Update ASAP: Google Fixes Android #flaw (#CVE-2025-27363) Exploited by Attackers https://t.co/tZOpn8MXDu
    @AdliceSoftware, 6 May 2025. 26 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  23. Update ASAP: Google fixes Android flaw (CVE-2025-27363) exploited by attackers https://t.co/liH7ZqIf3r
    @sabatage, 6 May 2025. 278 impressions, 0 retweets, 1 like, 0 bookmarks, 1 reply, 0 quotes.

  24. 🚨 Google fixes critical vulnerability in #Android (CVE-2025-27363) 🚨 The flaw, already actively exploited, allows code execution without additional privileges or user interaction. 📲 Update your device now to protect yourself. 🔗 https://t.co/St9Whmv
    @ojo_cibernetico, 6 May 2025. 18 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  25. ⚠️ Monthly security updates for Android ❗CVE-2025-27363 ➡️ More info: https://t.co/YjS8fvFyDC https://t.co/8zw699BMsF
    @CERTpy, 6 May 2025. 114 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  26. A dangerous vulnerability targeting Android devices. CVE-2025-27363: a vulnerability in System components that leads to local code execution without the need for additional execution privileges or intervention by the
    @mr_thamer, 6 May 2025. 2201 impressions, 0 retweets, 3 likes, 0 bookmarks, 1 reply, 0 quotes.

  27. [Critical vulnerability CVE-2025-27363 in Android is actively exploited] Google has released a security update for Android, eliminating 46 vulnerabilities, including CVE-2025-27363, a critical bug in the System component that allows local code execution without additional https:
    @NGT_Cybercrime, 6 May 2025. 46 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  28. 📱 Google Fixes Android Zero-Day Exploited in the Wild One of 46 flaws patched in May, CVE-2025-27363 lets hackers run code on your device—no clicks needed. Update now. https://t.co/BHhNo80Yl8 #Android #ZeroDay https://t.co/ex1E5QYatf
    @dCypherIO, 6 May 2025. 41 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  29. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 6 May 2025. 21 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  30. Google fixed actively exploited Android flaw CVE-2025-27363 https://t.co/sSefruFSNN
    @Dinosn, 6 May 2025. 2009 impressions, 4 retweets, 9 likes, 4 bookmarks, 0 replies, 0 quotes.

  31. 📱 Google patches a critical Android zero-day (CVE-2025-27363) in May’s update—an exploit in FreeType used in the wild since March. Update ASAP! #AndroidSecurity #ZeroDay #Google #CyberSecurity #TechNews https://t.co/yryeBpaGBl
    @geniuspulse360, 6 May 2025. 53 impressions, 1 retweet, 1 like, 0 bookmarks, 0 replies, 0 quotes.

  32. Google fixed actively exploited Android flaw CVE-2025-27363 https://t.co/bhxsvmQjFf #TechNews #CyberSecurity #ThreatIntel
    @EnRouteIT, 6 May 2025. 25 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  33. 📢 NEWS: @Google rolled out a new security update for Android devices on Monday, which patched around 50 vulnerabilities, including the exploited CVE-2025-27363 piece of code. https://t.co/gRsDSBJiHX
    @hack_snacks, 6 May 2025. 28 impressions, 1 retweet, 1 like, 0 bookmarks, 0 replies, 0 quotes.

  34. Android Update Patches Actively Exploited Vulnerability Google's latest Android security update addresses 46 flaws, including a critical zero-click vulnerability (CVE-2025-27363) being actively exploited. https://t.co/meAAhkH269
    @the_yellow_fall, 6 May 2025. 455 impressions, 4 retweets, 4 likes, 1 bookmark, 0 replies, 0 quotes.

  35. My #tuesdayvibe for t'internet defenders. By me @Forbes: what you need to know about CVE-2025-27363. #infosec https://t.co/OU7xyxPZIR
    @happygeek, 6 May 2025. 161 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes.

  36. Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers https://t.co/A7Otjg3A6Z https://t.co/Xugzi2B0L9
    @talentxfactor, 6 May 2025. 27 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  37. Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers #attack #cyber #security #safey #news https://t.co/QkCo2d1aCX
    @AuraproR5678, 6 May 2025. 4 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  38. 📌 Google has released the May 2025 security updates for Android, providing fixes for 46 security vulnerabilities, including the high-severity CVE-2025-27363, which has been exploited
    @Cybercachear, 6 May 2025. 12 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  39. 🚨 Exploited in the wild. No user click needed. Google patches 46 Android flaws, including CVE-2025-27363—a critical System bug tied to the FreeType font engine. Discovered by Meta in March, it's now confirmed active. 🔗 Learn more: https://t.co/re3l5kjmMH
    @TheHackersNews, 6 May 2025. 15375 impressions, 57 retweets, 130 likes, 18 bookmarks, 0 replies, 5 quotes.

  40. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 5 May 2025. 19 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  41. Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk #CISO https://t.co/oedHdaxhtF https://t.co/Rwzmj5PYg7
    @compuchris, 6 Apr 2025. 19 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  42. Warning: A critical vulnerability in the FreeType library (CVE-2025-27363) is being exploited in the wild, allowing arbitrary code execution. Update to FreeType 2.13.3 ASAP to protect your systems #CyberSecurity
    @deadlockfinger, 4 Apr 2025. 17 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  43. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 2 Apr 2025. 14 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  44. 🚨 Lambda Watchdog detected a new HIGH severity CVE 🚨 CVE-2025-27363 was detected in the latest AWS Lambda image scan affecting the freetype package in 9 images. Check the full report 👉 https://t.co/6EUGaPyRZk #AWS #Lambda #CVE #CloudSecurity #Serverless
    @LambdaWatchdog, 2 Apr 2025. 9 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  45. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 1 Apr 2025. 30 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  46. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 31 Mar 2025. 17 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes.

  47. Flashpoint's weekly vulnerability report: CVE-2025-24201, CVE-2025-27363 and others | Codebook https://t.co/1e01UGJq04 #izumino_trend
    @sec_trend, 24 Mar 2025. 60 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes.

  48. Update if you can: the FreeType vulnerability is being actively exploited. A critical security vulnerability has been discovered in the FreeType open-source font rendering library that may allow remote code execution. The vulnerability tracked under the identifier CVE-2025-27363…
    @linuxmint_hun, 24 Mar 2025. 18 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  49. Actively exploited CVE : CVE-2025-27363
    @transilienceai, 23 Mar 2025. 17 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes.

  50. 🚨#CVE Updates from JFrog's #Security Research Team: Last week the Meta team released an arbitrary code execution vulnerability with a CVSS score of 8.1 targeting the FreeType font rendering library, CVE-2025-27363. According to the advisory, it may have already been exploited
    @jfrog, 21 Mar 2025. 211 impressions, 2 retweets, 2 likes, 0 bookmarks, 0 replies, 0 quotes.

Configurations