Skip to main content

RT-Thread EUVDEUVD-2026-41674

| CVE-2026-14629 LOW
Divide By Zero (CWE-369)
2026-07-04 VulDB GHSA-jp84-4rqr-29c5
2.1
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
2.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.3 MEDIUM

Network-reachable with low-privilege authentication required; divide-by-zero yields availability impact only, no confidentiality or integrity effect, no scope change.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Severity Changed
Jul 04, 2026 - 14:22 NVD
MEDIUM LOW
CVSS changed
Jul 04, 2026 - 14:22 NVD
5.3 (MEDIUM) 2.1 (LOW)
Analysis Generated
Jul 04, 2026 - 14:15 vuln.today

DescriptionCVE.org

A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sys_ioctl of the file components/lwp/lwp_syscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

AnalysisAI

Divide-by-zero in RT-Thread's lightweight process (lwp) syscall handler allows a low-privileged remote attacker to crash the RTOS by sending crafted read, write, or sys_ioctl system calls with malicious parameters to the affected handler in components/lwp/lwp_syscall.c. Affected versions are 5.2.2 and below. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to network-accessible RT-Thread device
Delivery
Invoke crafted read/write/sys_ioctl syscall via lwp interface
Exploit
Supply zero-value divisor parameter to lwp_syscall.c handler
Execution
Trigger unhandled divide-by-zero arithmetic fault
Impact
Crash RTOS process or system (denial of service)

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to hold at minimum low-privileged authenticated access to the target RT-Thread system (PR:L per CVSS 4.0 vector - unauthenticated exploitation is not supported by the available data). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P) assigns a network-accessible, low-complexity attack requiring only low privileges, with impact limited to partial availability (VA:L) and no confidentiality or integrity consequences. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with low-privileged access to a network-exposed RT-Thread device - for example, via a telnet or application-layer session - sends a crafted read, write, or ioctl syscall containing a parameter value of zero intended to function as a divisor within the lwp_syscall.c handler. The unvalidated parameter triggers a divide-by-zero fault, crashing the affected RTOS process or the entire system, causing denial of service. …
Remediation The upstream fix is available as pull request #11453 at https://github.com/RT-Thread/rt-thread/pull/11453, which awaits acceptance into the main branch - a released, officially tagged patched version has not been independently confirmed at time of analysis. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-5865 HIGH POC
8.0 Jun 09

Critical memory corruption vulnerability in RT-Thread 5.1.0's sys_select syscall handler that allows authenticated local

CVE-2025-5867 HIGH POC
8.0 Jun 09

Critical null pointer dereference vulnerability in RT-Thread 5.1.0's lwp_syscall.c csys_sendto function, allowing authen

CVE-2025-5869 HIGH POC
8.0 Jun 09

Critical memory corruption vulnerability in RT-Thread 5.1.0's sys_recvfrom syscall handler that allows authenticated loc

CVE-2025-5866 HIGH POC
8.0 Jun 09

A security vulnerability in A vulnerability classified as critical (CVSS 8.0). Risk factors: public PoC available.

CVE-2025-5868 HIGH POC
8.0 Jun 09

Critical array index validation vulnerability in RT-Thread 5.1.0's signal mask syscall handler that allows authenticated

CVE-2025-6693 HIGH POC
7.8 Jun 26

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_dev

CVE-2026-14606 HIGH POC
7.1 Jul 03

Stack-based buffer overflow in RT-Thread RTOS (versions up to and including 5.0.2) affects the CAN_Receive function with

CVE-2026-14605 HIGH POC
7.1 Jul 03

Stack-based buffer overflow in RT-Thread RTOS (versions up to and including 5.0.2) affects the recvmsg function within t

CVE-2024-25393 CRITICAL
9.8 Mar 27

A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2. Rated critical severity (CVSS 9.8),

CVE-2026-14607 MEDIUM POC
5.4 Jul 03

Memory corruption in RT-Thread's Linux-compatible process (lwp) syscall layer allows a local low-privileged user to cras

CVE-2025-1115 MEDIUM POC
4.8 Feb 08

A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Rated medium severity (CVSS 4.8), this vul

CVE-2024-25395 HIGH
8.8 Mar 27

A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2. Rated high severity (CVSS 8.8), t

Share

EUVD-2026-41674 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy