Vulnerability Description
Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. This could be used to steal funds or compromise other kinds of cross-chain applications. This vulnerability is fixed in 15.0.1.
Related Weaknesses (CWE)
References
- https://github.com/polytope-labs/hyperbridge/pull/372/commits/f0e85db718f5165b06
- https://github.com/polytope-labs/hyperbridge/security/advisories/GHSA-wwx5-gpgr-
- https://github.com/polytope-labs/ismp-substrate/pull/64/commits/5ca3351a19151f1a
FAQ
What is CVE-2025-24800?
CVE-2025-24800 is a documented vulnerability. Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily conv...
How severe is CVE-2025-24800?
CVSS scoring is not yet available for CVE-2025-24800. Check NVD for updates.
Is there a patch for CVE-2025-24800?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.