CVE-2025-66034

ANC

CriticalConfirmedExploit available

fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python…

CVSS

9.8

Critical

EPSS

0.00

p22

Published

2025-01-01

Updated

2025-01-01

Description

fontTools is a library for manipulating fonts, written in Python. In versions from 4.33.0 to before 4.60.2, the fonttools varLib (or python3 -m fontTools.varLib) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the main() code path of fontTools.varLib, used by the fonttools varLib CLI and any code that invokes fontTools.varLib.main(). This issue has been patched in version 4.60.2.

Tags · CWE

Pre-auth

CWE-91

CAPEC-83

CAPEC-250

Affected products

Fonttools 4.33.0–4.60.2

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

2025-01-01

Published

2025-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.001 · p22

Known exploited (KEV)

Known exploits — Сканер-ВС

CVE-2025-66034

github-poc · https://github.com/4nuxd/CVE-2025-66034

Enterprise

Affected software

Product	Vendor	Status
		Tracked
fonttools		Tracked
fonttools		Tracked
fonttools		Tracked
fonttools		Tracked
fonttools		Tracked
fonttools		Tracked
fonttools		Tracked
fonttools		Tracked
fonttools	*	Tracked

Source databases

ANC

DEB

CVE

UBU

External references

https://www.cve.org/CVERecord?id=CVE-2025-66034@https://github.com/fonttools/fonttools/security/advisories/GHSA-768j-98cg-p3fv@https://github.com/fonttools/fonttools/commit/a696d5ba93270d5954f98e7cab5ddca8a02c1e32@https://ubuntu.com/security/notices/USN-7917-1