Primary

Context

Realtek AmebaD Heap-Based Buffer Overflow Vulnerability in WLAN Driver

Vulnerability

Patched

A heap-based buffer overflow vulnerability has been identified in Realtek AmebaD devices, specifically in the Ameba-AIoT ameba-arduino-d library versions prior to 3.1.9 and in ameba-rtos-d versions prior to commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a, dated 2025/07/03. The vulnerability arises in the WLAN driver defragment function, where fragmented Wi-Fi frames are not properly validated, potentially leading to a heap-based buffer overflow.

Impact

Exploitation of this vulnerability can lead to a heap-based buffer overflow, which may allow for arbitrary code execution or cause a denial-of-service condition.

Remediation

Users can upgrade to Ameba-AIoT ameba-arduino-d version 3.1.9 or to Ameba-AIoT ameba-rtos-d version commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a or later.

Added: Jul 9, 2025, 5:25 PM

Updated: Jul 9, 2025, 5:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Realtek AmebaD Heap-Based Buffer Overflow Vulnerability in WLAN Driver

Vulnerability

Impact

Remediation

Affected Products

Ameba-AIoT ameba-arduino-d

Ameba-AIoT ameba-rtos-d

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating