CVE-2025-49604 - Vulnerability Details

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://github.com/Ameba-AIoT/ameba-arduino-d/pull/281
https://github.com/Ameba-AIoT/ameba-arduino-d/releases/tag/V3.1.9
https://www.amebaiot.com/en/security-bulletin-cve-2025-49604/

History

Mon, 08 Sep 2025 15:00:00 +0000

Type	Values Removed	Values Added
Description	DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.	For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.
References		https://github.com/Ameba-AIoT/ameba-arduino-d/pull/281 https://github.com/Ameba-AIoT/ameba-arduino-d/releases/tag/V3.1.9 https://www.amebaiot.com/en/security-bulletin-cve-2025-49604/

Tue, 22 Jul 2025 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-122
CPEs	cpe:2.3:a:realtek:ameba-rtos-d:::::::: cpe:2.3:a:realtek:ameba_arduino_sdk::::::::
Vendors & Products	Realtek Realtek ameba-rtos-d Realtek ameba Arduino Sdk
References	https://github.com/Ameba-AIoT/ameba-arduino-d/pull/281 https://github.com/Ameba-AIoT/ameba-arduino-d/releases/tag/V3.1.9 https://www.amebaiot.com/en/security-bulletin-cve-2025-49604/
Metrics	cvssV3_1 `{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}`

Tue, 22 Jul 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 22 Jul 2025 14:30:00 +0000

Type	Values Removed	Values Added
Description	For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.	DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Fri, 18 Jul 2025 18:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Realtek Realtek ameba-rtos-d Realtek ameba Arduino Sdk
CPEs		cpe:2.3:a:realtek:ameba-rtos-d:::::::: cpe:2.3:a:realtek:ameba_arduino_sdk::::::::
Vendors & Products		Realtek Realtek ameba-rtos-d Realtek ameba Arduino Sdk

Tue, 15 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00027}`	epss `{'score': 0.0003}`

Wed, 09 Jul 2025 21:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-122
Metrics		cvssV3_1 `{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 09 Jul 2025 16:15:00 +0000

Type	Values Removed	Values Added
Description	A buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03 in Realtek AmebaD devices. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a buffer overflow.	For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

Wed, 09 Jul 2025 16:00:00 +0000

Type	Values Removed	Values Added
Description		A buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03 in Realtek AmebaD devices. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a buffer overflow.
References		https://github.com/Ameba-AIoT/ameba-arduino-d/pull/281 https://github.com/Ameba-AIoT/ameba-arduino-d/releases/tag/V3.1.9 https://www.amebaiot.com/en/security-bulletin-cve-2025-49604/

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-07-09T00:00:00.000Z

Updated: 2025-09-08T14:50:03.258Z

Reserved: 2025-06-06T00:00:00.000Z

Link: CVE-2025-49604

Vulnrichment

Updated: 2025-07-09T20:46:03.345Z

NVD

Status : Received

Published: 2025-07-09T16:15:24.137

Modified: 2025-09-08T15:15:36.237

Link: CVE-2025-49604

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object