What is the CVSS score of CVE-2025-5869?

CVE-2025-5869 has a CVSS 3.1 base score of 8.0 (High). CVSS vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of Rt Thread are affected by CVE-2025-5869?

CVE-2025-5869 affects RT-Thread 5.1.0 and could allow attackers to corrupt memory through a network-accessible system call, potentially leading to application crashes or code execution.

Is there a public PoC exploit available for CVE-2025-5869?

Yes, a public proof-of-concept exploit is available for CVE-2025-5869. Prioritise patching immediately. EPSS: 0.4%.

How to fix or mitigate CVE-2025-5869?

Within 24 hours: identify and inventory all systems running RT-Thread 5.1.0 and assess network exposure of affected devices. Within 7 days: implement network segmentation to restrict access to affected RT-Thread systems and disable the recvfrom syscall if operationally feasible. Within 30 days: monitor vendor releases closely for available patches and prepare deployment procedures; evaluate upgrade paths to patched versions when available.

Rt Thread CVE-2025-5869

EUVD-2025-17445 HIGH

Buffer Overflow (CWE-119)

2025-06-09 cna@vuldb.com

Buffer Overflow Rt Thread

8.0

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.0 HIGH

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 19:21 euvd

EUVD-2025-17445

Analysis Generated

Mar 14, 2026 - 19:21 vuln.today

PoC Detected

Jul 11, 2025 - 18:07 vuln.today

Public exploit code

CVE Published

Jun 09, 2025 - 09:15 nvd

HIGH 8.0

DescriptionCVE.org

A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption.

AnalysisAI

Critical memory corruption vulnerability in RT-Thread 5.1.0's sys_recvfrom syscall handler that allows authenticated local attackers to corrupt kernel memory through improper argument validation. An attacker with local access and limited privileges can exploit this to achieve arbitrary code execution or denial of service, potentially compromising the entire embedded system running RT-Thread.

Technical ContextAI

The vulnerability exists in rt-thread/components/lwp/lwp_syscall.c within the sys_recvfrom function, which handles the recvfrom network syscall in the RT-Thread lightweight process (lwp) subsystem. The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating a classic buffer overflow or out-of-bounds memory access. The 'from' parameter passed to sys_recvfrom is not properly validated before being used in memory operations, allowing an attacker to write beyond allocated buffer boundaries. This affects RT-Thread's POSIX-compatible syscall layer, which is critical infrastructure for application sandboxing and process isolation in embedded systems using CPE:rt-thread:rt-thread:5.1.0.

CVE-2025-5869 vulnerability details – vuln.today

Back

Rt Thread CVE-2025-5869

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

Share

External POC / Exploit Code