7.5
CVE-2025-5688
- EPSS 0.11%
- Veröffentlicht 04.06.2025 17:15:29
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle ff89ba41-3aa1-4d27-914a-91399e
- CVE-Watchlists
- Unerledigt
Out of Bounds Write in FreeRTOS-Plus-TCP
We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerAmazon
≫
Produkt
FreeRTOS
Default Statusunaffected
Version
2.3.4
Version <
4.3.2
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.293 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| ff89ba41-3aa1-4d27-914a-91399e9639e5 | 7.5 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.