A vulnerability in OpenSSL's email encryption system could allow attackers to crash servers or execute malicious code without authentication credentials, security researchers warned this week.
The flaw, tracked as CVE-2025-15467 and rated high severity, lies in how OpenSSL handles encrypted email messages that use modern AEAD cyphers such as AES-GCM. When parsing these messages, the software blindly copies data into a fixed-size memory buffer without checking if it actually fits—a recipe for disaster that's been causing headaches since the dawn of computing.
What makes this bug particularly nasty is its timing. The overflow happens before OpenSSL performs any authentication checks, meaning attackers don't need valid encryption keys to trigger it. They just need to craft a malicious email with an oversized initialisation vector (the random data that kicks off the encryption process) and send it to a vulnerable server.
"Because the overflow occurs before authentication, no valid key material is required to trigger it," OpenSSL's security team explained in their advisory released Monday. The vulnerability affects anyone processing S/MIME AuthEnvelopedData messages with AEAD ciphers—think corporate email gateways, secure messaging platforms, and encrypted document processors.
Security researcher Stanislav Fort from Aisle Research discovered the flaw in mid-December 2025. Igor Ustinov developed the patch that OpenSSL released alongside fixes for 13 other vulnerabilities on January 27.
The damage potential extends across five major OpenSSL versions (3.0 through 3.6), though older 1.x releases dodged the bullet. Organisations running affected versions face a straightforward but urgent path forward: upgrade immediately to versions 3.6.1, 3.5.5, 3.4.4, 3.3.6, or 3.0.19, depending on which branch they're using.
While exploiting this to achieve full remote code execution depends on platform-specific security features that might block the attack, the raw memory corruption primitive represents what OpenSSL called "a severe risk" that defenders shouldn't gamble on.
The good news? FIPS-certified OpenSSL modules remain unaffected since CMS processing sits outside their security boundary. Still, with email encryption infrastructure underpinning countless secure communications worldwide, patching this one shouldn't wait for the next maintenance window.