N/A

CVSS Score

-

CVSS Score

Basic Information

CVE ID

CVE-2025-0343

GHSA ID

GHSA-w8xv-rwgf-4fwh

EPSS Score

0.30707%

CWE

CWE-228

Published

1/14/2025

Updated

1/15/2025

KEV Status

Technology

Swift

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-0343

CVE-2025-0343: CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER

Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constraint isn't met.

Importantly, these constraints are actually required to be true in DER, but that correctness wasn't enforced on the early node parser side so it was incorrect to rely on it later on in decoding, which is what the library did.

These crashes can be triggered when parsing any DER/BER format object. There is no memory-safety issue here: the crash is a graceful one from the Swift runtime. The impact of this is that it can be used as a denial-of-service vector when parsing BER/DER data from unknown sources, e.g. when parsing TLS certificates.

Many thanks to @baarde for reporting this issue and providing the fix.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-0343

CVE-2025-0343:

N/A

CVSS Score

-

CVSS Score

Basic Information

CVE ID

CVE-2025-0343

GHSA ID

GHSA-w8xv-rwgf-4fwh

EPSS Score

0.30707%

CWE

CWE-228

Published

1/14/2025

Updated

1/15/2025

KEV Status

Technology

Swift

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/apple/swift-asn1	swift	<= 1.3.0	1.3.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from improper handling of constructed vs. primitive encodings in DER/BER parsing. The affected functions all contained guard statements checking for .primitive content, followed by preconditionFailure crashes when the check failed. This violated DER's actual rules (which allow BER's flexibility) and created denial-of-service risks. The commit diff shows these preconditionFailure calls were replaced with error throws, confirming these were the vulnerable points. The pattern repeats across multiple ASN1 type initializers and the DER parser itself, all sharing the same flawed assumption about early parser validation.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

N/A

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-0343: CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER

CVE-2025-0343:

N/A

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Technical Details

N/A

N/A

CVE-2025-0343: CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI