PT-2025-39633 · Unknown · Behaviortree
Sand
·
Published
2025-09-26
·
Updated
2025-10-16
·
CVE-2025-11012
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
BehaviorTree versions prior to 4.7.0
Description
A flaw exists in BehaviorTree that could lead to a stack-based buffer overflow. This issue is related to the manipulation of the
error msgs buffer argument within the ParseScript function located in the /src/script parser.cpp file of the Diagnostic Message Handler component. The exploit has been publicly disclosed and can be executed locally.Recommendations
Apply the patch cb6c7514efa628adb8180b58b4c9ccdebbe096e3 to remediate this issue.
Exploit
Fix
Stack Overflow
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Behaviortree