CVE-2026-41144

Name of the Vulnerable Software and Affected Versions F Prime versions prior to 4.2.0

Description An integer overflow occurs during a bounds check where the addition of byteOffset and dataSize wraps around on overflow. This allows a specially crafted DataPacket to bypass the check, enabling a file write at an unintended offset. Furthermore, the destination file path in 'Svc/FileUplink/File.cpp' is not sanitized. Together, these issues allow writing arbitrary data to any file at any offset, which can lead to remote code execution on embedded targets.

Recommendations Update to version 4.2.0.