Skip to main content

Rt Thread CVE-2024-25393

CRITICAL
Stack-based Buffer Overflow (CWE-121)
2024-03-27 cve@mitre.org
9.8
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 27, 2024 - 03:15 cve.org
CRITICAL 9.8

DescriptionCVE.org

A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.

AnalysisAI

A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-121. A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2. Affected products include: Rt-Thread. Version information: through 5.0.2..

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2025-5865 HIGH POC
8.0 Jun 09

Critical memory corruption vulnerability in RT-Thread 5.1.0's sys_select syscall handler that allows authenticated local

CVE-2025-5867 HIGH POC
8.0 Jun 09

Critical null pointer dereference vulnerability in RT-Thread 5.1.0's lwp_syscall.c csys_sendto function, allowing authen

CVE-2025-5869 HIGH POC
8.0 Jun 09

Critical memory corruption vulnerability in RT-Thread 5.1.0's sys_recvfrom syscall handler that allows authenticated loc

CVE-2025-5866 HIGH POC
8.0 Jun 09

A security vulnerability in A vulnerability classified as critical (CVSS 8.0). Risk factors: public PoC available.

CVE-2025-5868 HIGH POC
8.0 Jun 09

Critical array index validation vulnerability in RT-Thread 5.1.0's signal mask syscall handler that allows authenticated

CVE-2025-6693 HIGH POC
7.8 Jun 26

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_dev

CVE-2026-14606 HIGH POC
7.1 Jul 03

Stack-based buffer overflow in RT-Thread RTOS (versions up to and including 5.0.2) affects the CAN_Receive function with

CVE-2026-14605 HIGH POC
7.1 Jul 03

Stack-based buffer overflow in RT-Thread RTOS (versions up to and including 5.0.2) affects the recvmsg function within t

CVE-2026-14607 MEDIUM POC
5.4 Jul 03

Memory corruption in RT-Thread's Linux-compatible process (lwp) syscall layer allows a local low-privileged user to cras

CVE-2025-1115 MEDIUM POC
4.8 Feb 08

A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Rated medium severity (CVSS 4.8), this vul

CVE-2024-25395 HIGH
8.8 Mar 27

A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2. Rated high severity (CVSS 8.8), t

CVE-2024-25391 HIGH
8.4 Mar 27

A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2. Rated high severity (CVSS 8.4), th

Share

CVE-2024-25393 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy