CVE-2025-24798 - Vulnerability Details - OpenCVE

Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This vulnerability is fixed in 2.6.2.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00026.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Meshtastic	Firmware Meshtastic Firmware

Configuration 1 [-]

cpe:2.3:o:meshtastic:meshtastic_firmware:*:*:*:*:*:*:*:*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Meshtastic	Firmware

References

Link	Providers
https://github.com/meshtastic/firmware/blob/cdcbf4c61550e45c125e17a20aff4275e9389655/src/modules/RoutingModule.cpp#L44-L48
https://github.com/meshtastic/firmware/commit/dc100e4d3e3dfbf58d3ead8141a49cddb0cbdc19
https://github.com/meshtastic/firmware/security/advisories/GHSA-4q84-546j-3mf5

History

Fri, 22 Aug 2025 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Meshtastic meshtastic Firmware
CPEs		cpe:2.3:o:meshtastic:meshtastic_firmware::::::::
Vendors & Products		Meshtastic meshtastic Firmware

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00014}`	epss `{'score': 0.00017}`

Fri, 11 Jul 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 11 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics		epss `{'score': 0.00014}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2025-07-10T21:22:30.299Z

Updated: 2025-07-11T16:51:10.534Z

Reserved: 2025-01-23T17:11:35.838Z

Link: CVE-2025-24798

Vulnrichment

Updated: 2025-07-11T16:51:06.227Z

NVD

Status : Analyzed

Published: 2025-07-10T22:15:24.387

Modified: 2025-08-22T16:02:31.793

Link: CVE-2025-24798

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-12T22:31:04Z

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-24798", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-01-23T17:11:35.838Z", "datePublished": "2025-07-10T21:22:30.299Z", "dateUpdated": "2025-07-11T16:51:10.534Z"}, "containers": {"cna": {"title": "Meshtastic crashes via an unimplemented routing module reply", "problemTypes": [{"descriptions": [{"cweId": "CWE-617", "lang": "en", "description": "CWE-617: Reachable Assertion", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/meshtastic/firmware/security/advisories/GHSA-4q84-546j-3mf5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/meshtastic/firmware/security/advisories/GHSA-4q84-546j-3mf5"}, {"name": "https://github.com/meshtastic/firmware/commit/dc100e4d3e3dfbf58d3ead8141a49cddb0cbdc19", "tags": ["x_refsource_MISC"], "url": "https://github.com/meshtastic/firmware/commit/dc100e4d3e3dfbf58d3ead8141a49cddb0cbdc19"}, {"name": "https://github.com/meshtastic/firmware/blob/cdcbf4c61550e45c125e17a20aff4275e9389655/src/modules/RoutingModule.cpp#L44-L48", "tags": ["x_refsource_MISC"], "url": "https://github.com/meshtastic/firmware/blob/cdcbf4c61550e45c125e17a20aff4275e9389655/src/modules/RoutingModule.cpp#L44-L48"}], "affected": [{"vendor": "meshtastic", "product": "firmware", "versions": [{"version": ">= 1.2.1, < 2.6.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-10T21:22:30.299Z"}, "descriptions": [{"lang": "en", "value": "Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This vulnerability is fixed in 2.6.2."}], "source": {"advisory": "GHSA-4q84-546j-3mf5", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-11T16:51:00.660064Z", "id": "CVE-2025-24798", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-11T16:51:10.534Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-24798", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-11T16:51:00.660064Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-11T16:51:06.227Z"}}], "cna": {"title": "Meshtastic crashes via an unimplemented routing module reply", "source": {"advisory": "GHSA-4q84-546j-3mf5", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "meshtastic", "product": "firmware", "versions": [{"status": "affected", "version": ">= 1.2.1, < 2.6.2"}]}], "references": [{"url": "https://github.com/meshtastic/firmware/security/advisories/GHSA-4q84-546j-3mf5", "name": "https://github.com/meshtastic/firmware/security/advisories/GHSA-4q84-546j-3mf5", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/meshtastic/firmware/commit/dc100e4d3e3dfbf58d3ead8141a49cddb0cbdc19", "name": "https://github.com/meshtastic/firmware/commit/dc100e4d3e3dfbf58d3ead8141a49cddb0cbdc19", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/meshtastic/firmware/blob/cdcbf4c61550e45c125e17a20aff4275e9389655/src/modules/RoutingModule.cpp#L44-L48", "name": "https://github.com/meshtastic/firmware/blob/cdcbf4c61550e45c125e17a20aff4275e9389655/src/modules/RoutingModule.cpp#L44-L48", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This vulnerability is fixed in 2.6.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-617", "description": "CWE-617: Reachable Assertion"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-10T21:22:30.299Z"}}}, "cveMetadata": {"cveId": "CVE-2025-24798", "state": "PUBLISHED", "dateUpdated": "2025-07-11T16:51:10.534Z", "dateReserved": "2025-01-23T17:11:35.838Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-07-10T21:22:30.299Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:meshtastic:meshtastic_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "80418279-3324-462A-ACDE-87C2D3BB35DD", "versionEndExcluding": "2.6.2", "versionStartIncluding": "1.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This vulnerability is fixed in 2.6.2."}, {"lang": "es", "value": "Meshtastic es una soluci\u00f3n de red en malla de c\u00f3digo abierto. Desde la versi\u00f3n 1.2.1 hasta la 2.6.2, un paquete enviado al m\u00f3dulo de enrutamiento con want_response==true provoca un fallo. Esto puede provocar una degradaci\u00f3n del servicio para los nodos dentro del alcance de un remitente malicioso, o a trav\u00e9s de MQTT si el enlace descendente est\u00e1 habilitado. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 2.6.2."}], "id": "CVE-2025-24798", "lastModified": "2025-08-22T16:02:31.793", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-07-10T22:15:24.387", "references": [{"source": "security-advisories@github.com", "tags": ["Product"], "url": "https://github.com/meshtastic/firmware/blob/cdcbf4c61550e45c125e17a20aff4275e9389655/src/modules/RoutingModule.cpp#L44-L48"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/meshtastic/firmware/commit/dc100e4d3e3dfbf58d3ead8141a49cddb0cbdc19"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/meshtastic/firmware/security/advisories/GHSA-4q84-546j-3mf5"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-617"}], "source": "security-advisories@github.com", "type": "Primary"}]}