Seagate openSeaChest Out-of-Bounds Write Vulnerability in NVMe Device Handling

Vulnerability

A vulnerability allowing an out-of-bounds write has been identified in Seagate's openSeaChest version 25.05.3, across all supported platforms. This issue arises in the '--showSupportedFormats' function, where the software improperly manages memory when interacting with NVMe devices. Specifically, it allows for writing an extra byte outside of allocated memory by exploiting a bogus value in the namespace FLBAS byte. This mismanagement could potentially be leveraged to manipulate memory in a harmful way.

Impact

Exploitation of this vulnerability could lead to memory corruption, allowing for arbitrary code execution or causing a crash by disrupting normal application processing.

Added: Jun 2, 2026, 11:24 PM

Updated: Jun 2, 2026, 11:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

1.9

remediation

0.0

relevance

9.8

threat

0.0

urgency

0.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

1.9

remediation

0.0

relevance

9.8

threat

0.0

urgency

0.0

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Seagate openSeaChest Out-of-Bounds Write Vulnerability in NVMe Device Handling

Vulnerability

Impact

Affected Products

Seagate openSeaChest

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating