CVE-2026-27703
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
2Tags
Description
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. In 2026.01 and earlier, the default handler for the well_known_core resource coap_well_known_core_default_handler writes user-provided option data and other data into a fixed size buffer without validating the buffer is large enough to contain the response. This vulnerability allows an attacker to corrupt neighboring stack location, including security-sensitive addresses like the return address, leading to denial of service or arbitrary code execution.
Analysis
Stack buffer overflow in RIOT OS coap_well_known_core_default_handler allows unauthenticated remote attackers to overwrite critical stack data including return addresses through oversized CoAP option responses. Affected IoT devices running RIOT 2026.01 and earlier are vulnerable to denial of service or arbitrary code execution without any user interaction required. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all RIOT-based devices and systems in your environment and assess exposure scope. Within 7 days: Implement network segmentation to isolate affected IoT/embedded devices from critical systems; disable unnecessary network services on RIOT devices where operationally feasible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today