Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionCVE.org
flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function.
AnalysisAI
Stack overflow in Flipper Zero Firmware (commit ad2a80) enables local arbitrary code execution with high privileges through exploitation of the Main function. SSVC framework confirms POC availability and total technical impact. CVSS 8.4 reflects local attack vector with no authentication barrier. No vendor-released patch identified at time of analysis, though GitHub issue tracking indicates developer awareness.
Technical ContextAI
This vulnerability affects the Flipper Zero Firmware, the operating system for the Flipper Zero portable multi-tool device used for hardware hacking and security research. The flaw is a CWE-121 stack-based buffer overflow in the Main function - likely the firmware's entry point or primary event loop. Stack overflows occur when more data is written to a stack buffer than allocated, overwriting adjacent memory including return addresses. In embedded firmware like Flipper Zero's, successful exploitation can redirect execution flow to attacker-controlled code. The vulnerability exists in commit ad2a80, a specific development snapshot. Flipper Zero runs on ARM Cortex-M processors with constrained memory, where stack overflows can have severe impact due to lack of modern exploit mitigations common in desktop operating systems.
RemediationAI
No vendor-released patch version independently confirmed at time of analysis. Users should monitor the GitHub issue at https://github.com/flipperdevices/flipperzero-firmware/issues/4332 for official vendor guidance and patch availability. Until patched firmware is released, implement these compensating controls: (1) Restrict physical access to Flipper Zero devices - treat as trusted hardware requiring device security controls similar to cryptographic tokens. (2) Disable automatic firmware update mechanisms to prevent supply-chain exploitation if update channels are compromised. (3) Validate firmware integrity using checksums before manual installation. (4) For shared devices in security labs, wipe and reflash firmware between users to clear potential persistence mechanisms. Trade-off: Disabling updates blocks legitimate security patches, so implement strict change control and manual update verification processes. For development teams, audit commits after ad2a80 in the repository to identify if fixes were silently merged without CVE cross-reference.
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Stack Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26705