Primary

Context

AxxonSoft Axxon One OpenSSL Memory Buffer Vulnerability Leading to Crashes

Vulnerability

A vulnerability exists in the OpenSSL-based session module of AxxonSoft Axxon One versions through 2.0.6 on Windows. It stems from improper memory management, allowing remote attackers under high load to exploit memory reallocation errors while processing expired session keys. This could result in application crashes or unpredictable behavior.

Impact

Exploitation of this vulnerability can cause application crashes or erratic behavior.

Remediation

Users are advised to upgrade to Axxon One version 2.0.8 or later, and to recompile and deploy the application using OpenSSL version 3.0.13 or later.

Added: Sep 10, 2025, 1:19 PM

Updated: Sep 10, 2025, 1:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AxxonSoft Axxon One OpenSSL Memory Buffer Vulnerability Leading to Crashes

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating