{"id":70590,"date":"2025-09-03T09:36:37","date_gmt":"2025-09-03T09:36:37","guid":{"rendered":""},"modified":"2025-10-21T11:37:11","modified_gmt":"2025-10-21T17:37:11","slug":"cve-2025-22411-remote-code-execution-vulnerability-in-sdp-discovery","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-22411-remote-code-execution-vulnerability-in-sdp-discovery\/","title":{"rendered":"CVE-2025-22411: Remote Code Execution Vulnerability in SDP Discovery<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

CVE-2025-22411 represents a significant vulnerability in the process_service_attr_rsp of sdp_discovery.cc, posing a potential threat to any system that utilizes this service. This vulnerability could allow an attacker to execute code remotely on the target system, even without any additional execution privileges or user interaction, which makes it a serious security concern.
\nThis vulnerability matters because of its high severity<\/a> score and the fact that it doesn’t require user interaction for exploitation. This means that any system<\/a> running an affected version of the software is potentially at risk of being compromised, leading to data leakage or system breaches.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-22411
\nSeverity: High (CVSS: 8.8)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Remote code execution<\/a>, potential system compromise, and data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n