Genymobile/scrcpy <= 3.3.3 Global Buffer Overflow

Advisories

severity: medium
date: December 18, 2025
Affecting: scrcpy <= 3.3.3
Fixed in commit 3e40b24
CVE: CVE-2025-34449
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 6.9
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
References: Researcher Advisory & PoC
scrcpy Patched Commit
scrcpy Vulnerability Issue
Credit: Vlatko Kosturjak with Marlink Cyber
Description: Genymobile/scrcpy versions up to and including 3.3.3 and prior to commit 3e40b24 contain a global buffer overflow vulnerability in the function sc_read32be, invoked via sc_device_msg_deserialize() and process_msgs(). Processing crafted device messages can cause reads beyond the bounds of a global buffer, leading to memory corruption or crashes. This vulnerability can be exploited to cause a denial of service and, under certain conditions, may be leveraged for further exploitation depending on the execution environment and available mitigations.