Primary

Context

Open Vehicle Monitoring System 3 Buffer Overflow Vulnerability in PCAP Format

Vulnerability

A buffer overflow vulnerability has been identified in Open Vehicle Monitoring System 3 (OVMS3) version 3.3.005. The issue arises in the PCAP format parser within 'canformat_pcap.cpp', where the 'phdr.len' field is not properly validated. This lack of validation allows remote attackers to cause a denial-of-service condition or potentially execute arbitrary code by sending crafted PCAP input.

Impact

Exploitation of this vulnerability leads to a stack buffer overflow, which can commonly result in arbitrary code execution or causing a program to crash.

Reproduction

The vulnerability can be reproduced by sending a crafted PCAP file that exploits the improper validation of the 'phdr.len' field. This can be done by manipulating the PCAP input to include a length value that exceeds the buffer capacity, causing a buffer overflow when the parser processes the file.

Added: May 1, 2026, 5:22 PM

Updated: May 1, 2026, 5:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.7

remediation

0.0

relevance

7.2

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.7

remediation

0.0

relevance

7.2

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Open Vehicle Monitoring System 3 Buffer Overflow Vulnerability in PCAP Format

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating