Wiz
Vulnerability DatabaseCVE-2025-6273

CVE-2025-6273
Linux Debian vulnerability analysis and mitigation

Overview

A vulnerability (CVE-2025-6273) was discovered in WebAssembly wabt up to version 1.0.37. The issue affects the LogOpcode function in the src/binary-reader-objdump.cc file and is classified as a reachable assertion vulnerability. The vulnerability was disclosed on June 19, 2025, and its status is currently marked as disputed, as the code maintainer suggests that this issue might not affect real-world WebAssembly programs (NVD, VulDB).

Technical details

The vulnerability is classified as CWE-617 (Reachable Assertion) where the product contains an assert() statement that can be triggered by an attacker. The vulnerability has received a CVSS v3.1 Base Score of 3.3 (LOW) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L. Local access is required to exploit this vulnerability, and the manipulation leads to a reachable assertion in the LogOpcode function (NVD, VulDB).

Impact

The vulnerability primarily affects system availability. When successfully exploited, it can lead to an application exit or behavior that is more severe than necessary, potentially resulting in a denial of service condition (VulDB).

Mitigation and workarounds

Currently, there are no officially documented countermeasures or workarounds for this vulnerability. It has been suggested to consider replacing the affected product with an alternative solution (VulDB).

Additional resources

SourceThis report was generated using AI

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues

Cloud threat landscape

Cloud threat landscape

A comprehensive threat intelligence database of cloud security incidents, actors, tools and techniques

PEACH

PEACH

A step-by-step framework for modeling and improving SaaS and PaaS tenant isolation

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo