CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2025-11573

unknowncovered by 1 sourcefirst seen 2026-06-05
Bulletin ID: AWS-2025-022 Scope: Amazon Content Type: Important (requires attention) Publication Date: 2025/10/09 11:00 PM PDT Description: Amazon.IonDotnet is a library for the Dotnet language that is used to read and write Amazon Ion data. We identified CVE-2025-11573, which describes an infinite loop issue in Amazon.IonDotnet library versions <v1.3.2 that may allow a threat actor to cause a denial of service through a specially crafted text input. As of August 20, 2025, this library has been deprecated and will not receive further updates. Affected versions: <1.3.2

CSIRTS triage

What
An infinite loop issue may allow denial of service through crafted input.
Who is affected
Users of Amazon.IonDotnet library versions earlier than 1.3.2.
Urgency
Remediation is urgent due to the potential for denial of service.
Action
Upgrade to version 1.3.2 or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2025-11573

Get an email if CVE-2025-11573 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2025-11573

CVE.org record

Embed the live status

CVE-2025-11573 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2025-11573 status](https://www.csirts.com/badge/CVE-2025-11573)](https://www.csirts.com/cve/CVE-2025-11573)