PT-2026-22166 · Unknown · Golioth Firmware Sdk

Secmate · Published 2026-02-26 · Updated 2026-02-26 · CVE-2026-23747

CVSS v4.0: 6.3 (Medium)

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions: Golioth Firmware SDK versions 0.10.0 through 0.21.9
Description: The Golioth Firmware SDK contains a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers use memcpy() to copy network-supplied payload data into fixed-size stack buffers, with the copy length taken directly from the payload size. The assertions intended to bound that length are compiled out in release builds (assert() expands to nothing when NDEBUG is defined), so memcpy() copies the full, attacker-controlled payload size. Payloads longer than 12 bytes (integers) or 32 bytes (floats) overflow the stack buffer, causing a crash or denial of service. The issue is reachable through a LightDB State payload delivered by a malicious server or via a man-in-the-middle (MITM) attack.
Recommendations: Update to Golioth Firmware SDK version 0.22.0 or later.
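The pattern the description refers to, shown as an added illustration that is not Golioth SDK code and not the upstream fix shipped in 0.22.0: a reconstruction of the assert-guarded memcpy() beside a hardened variant whose length check is a real runtime branch and therefore survives release builds. The buffer sizes follow the 12- and 32-byte thresholds quoted above; the function names, the status enum and the constructed oversized payload are assumptions made for this example.

```c
#include <assert.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Buffer sizes match the thresholds quoted in the advisory (12 bytes for
 * integers, 32 for floats); names and signatures here are assumptions. */
#define INT_BUF_SIZE   12
#define FLOAT_BUF_SIZE 32

typedef enum {
    PAYLOAD_OK = 0,
    PAYLOAD_ERR_NULL,
    PAYLOAD_ERR_TOO_LONG,
    PAYLOAD_ERR_NOT_NUMERIC
} payload_status_t;

/* Vulnerable pattern (reconstruction, not SDK code): the only bound on the
 * copy is an assert(). With NDEBUG defined, as in a typical release build,
 * the assert expands to nothing and memcpy() copies payload_size bytes from
 * the network into a 12-byte stack buffer. */
int32_t vulnerable_payload_as_int(const uint8_t *payload, size_t payload_size)
{
    char buf[INT_BUF_SIZE];
    assert(payload_size < sizeof(buf));  /* compiled out when NDEBUG is set */
    memcpy(buf, payload, payload_size);  /* unbounded once the assert is gone */
    buf[payload_size] = '\0';
    return (int32_t)strtol(buf, NULL, 10);
}

/* Hardened form: an explicit length check that exists in every build
 * configuration, plus a status code so the caller can tell a rejected
 * payload from a parsed zero. One byte is reserved for the terminator. */
payload_status_t safe_payload_as_int(const uint8_t *payload, size_t payload_size, int32_t *out)
{
    char buf[INT_BUF_SIZE];
    if (payload == NULL || out == NULL) return PAYLOAD_ERR_NULL;
    if (payload_size == 0 || payload_size >= sizeof(buf)) return PAYLOAD_ERR_TOO_LONG;
    memcpy(buf, payload, payload_size);
    buf[payload_size] = '\0';

    char *end = NULL;
    errno = 0;
    long v = strtol(buf, &end, 10);
    if (end == buf || *end != '\0' || errno == ERANGE || v < INT32_MIN || v > INT32_MAX)
        return PAYLOAD_ERR_NOT_NUMERIC;
    *out = (int32_t)v;
    return PAYLOAD_OK;
}

payload_status_t safe_payload_as_float(const uint8_t *payload, size_t payload_size, float *out)
{
    char buf[FLOAT_BUF_SIZE];
    if (payload == NULL || out == NULL) return PAYLOAD_ERR_NULL;
    if (payload_size == 0 || payload_size >= sizeof(buf)) return PAYLOAD_ERR_TOO_LONG;
    memcpy(buf, payload, payload_size);
    buf[payload_size] = '\0';

    char *end = NULL;
    errno = 0;
    float v = strtof(buf, &end);
    if (end == buf || *end != '\0' || errno == ERANGE) return PAYLOAD_ERR_NOT_NUMERIC;
    *out = v;
    return PAYLOAD_OK;
}

/* Constructed sample: a 64-byte run of ASCII digits with no terminator, the
 * kind of oversized LightDB State value a malicious server or MITM could send. */
#define MALICIOUS_LEN 64
void make_malicious_payload(uint8_t *dst)
{
    memset(dst, '9', MALICIOUS_LEN);
}

int main(void)
{
    uint8_t bad[MALICIOUS_LEN];
    int32_t i = 0;
    float f = 0.0f;
    make_malicious_payload(bad);

    payload_status_t s = safe_payload_as_int((const uint8_t *)"12345", 5, &i);
    printf("benign int : status=%d value=%d\n", s, i);
    s = safe_payload_as_int(bad, MALICIOUS_LEN, &i);
    printf("oversized  : status=%d (rejected before memcpy)\n", s);
    s = safe_payload_as_float((const uint8_t *)"3.5", 3, &f);
    printf("float      : status=%d value=%g\n", s, f);
    /* vulnerable_payload_as_int(bad, MALICIOUS_LEN) is deliberately not called:
     * in an NDEBUG build it would write 53 bytes past the end of buf. */
    return 0;
}
```

Building the file twice, once with and once without -DNDEBUG, shows the difference the advisory turns on: the debug build aborts at the assert when handed the oversized payload, the release build has no check at all. The hardened variant also rejects an exactly 12-byte integer payload, which is stricter than the advisory's "exceeding 12 bytes", because it reserves one byte for the NUL terminator that strtol() needs.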

Exploit

Fix

Stack Overflow


Weakness Enumeration

Related identifiers

CVE-2026-23747

Affected products

Golioth Firmware Sdk