- Description
- We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
- Source
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 7.5
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- CWE-787
- Hype score
- Not currently trending
CVE-2025-5688 - Out of Bounds Write in FreeRTOS-Plus-TCP https://t.co/mxC18PQrQI #patchmanagement
@eyalestrin
8 Jun 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-5688) in FreeRTOS-Plus-TCP versions v2.3.4–v4.3.1 exposes systems to crashes or code execution via long DNS names under Buffer Allocation Scheme 1. Update to v4.3.2+ for safety ⚠️ #Embedded #Australia https://t.co/NiZw5HGGEs
@TweetThreatNews
7 Jun 2025
84 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical FreeRTOS-Plus-TCP flaw (CVE-2025-5688) puts IoT devices at risk! A memory corruption bug can lead to system crashes or code execution. Update to v4.3.2 ASAP & validate your inputs! 🛡️ #Cybersecurity #IoTsecurity #FreeRTOS https://t.co/9gfMYrT9t3
@fernandokarl
6 Jun 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-5688 We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems … https://t.co/WwJIivMhYd
@CVEnew
4 Jun 2025
340 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes