Description

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

INFO

Published Date :

2025-07-09T00:00:00.000Z

Last Modified :

2025-09-22T15:28:13.942Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-49604 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-49604.

URL Resource
https://github.com/Ameba-AIoT/ameba-arduino-d/pull/281 cve-icon cve-icon
https://github.com/Ameba-AIoT/ameba-arduino-d/releases/tag/V3.1.9 cve-icon cve-icon
https://www.amebaiot.com/en/security-bulletin-cve-2025-49604/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact