Firmalyzer

**Name of the Vulnerable Software and Affected Versions** DASH 7 Alliance protocol versions prior to 0.5.0 **Description** The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However, if it was configured using non-default settings, there is the possibility that exploiting this vulnerability could lead to system crashes and remote code execution. **Recommendations** For versions prior to 0.5.0, update to version 0.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the protocol until a patch is available. Avoid using non-default settings for the protocol configuration to minimize the risk of exploitation.