PT-2026-8040 · Unknown · Ton Lite Server
Published: 2026-02-13 · Updated: 2026-02-18 · CVE-2025-70957
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
TON Lite Server versions prior to 2024.09
Description
A Denial of Service (DoS) issue exists in the handling of external arguments passed to “get methods” in the TON Lite Server. An attacker can inject a crafted Continuation object, normally restricted within the Virtual Machine (VM), to consume excessive CPU resources with minimal virtual gas costs. This allows monopolization of the Lite Server’s processing power, leading to a denial of service for legitimate users. The vulnerability impacts the server’s throughput.
Recommendations
Update to version 2024.09 or later.
Fix
DoS
Uncontrolled Recursion
Affected Products
Ton Lite Server