Description
A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CAN_Receive in the library bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-07-03
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack-based buffer overflow exists in the CAN_Receive function of the SWM341 chip support library (bsp/synwit/libraries/SWM341_CSL) shipped with RT‑Thread up to and including version 5.0.2. The flaw is classified as CWE‑119 and CWE‑121. An attacker with local, low-privileged access (CVSS AV:L/PR:L) who can control the CAN frames the function processes can overwrite stack memory in the receiving firmware, which can lead to arbitrary code execution or a denial of service on the device.
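The overflow class described above, as an added example that is not the SWM341 CSL or RT-Thread code: the record does not state the root cause, so the register image (rx_frame_regs_t, the INFO bit positions), the message structure and the function names are hypothetical. What the example shows is the usual way a CAN receive handler ends up with a stack overflow: the DLC field of a classic CAN frame is 4 bits wide, so the controller can report lengths 9 to 15, while a data frame carries at most 8 bytes; a receive routine that uses the raw DLC as its copy length writes past a message structure that the caller allocated on its stack. The hardened form bounds the copy by the destination size, copies nothing for remote frames, and zeroes the unused tail so the caller never reads stale stack contents.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical register image of one received frame, constructed for this
 * example. It is NOT the SWM341 register layout; it only models the fact
 * that a classic CAN frame's DLC field is 4 bits wide (0..15) while a data
 * frame carries at most 8 payload bytes. */
typedef struct {
    uint32_t id;
    uint32_t info;     /* bits [3:0] DLC, bit 4 RTR, bit 5 extended ID */
    uint8_t  data[16]; /* payload registers; bytes 8..15 stand in for
                          whatever the FIFO exposes past the real payload */
} rx_frame_regs_t;

#define INFO_DLC_MASK 0x0Fu
#define INFO_RTR      (1u << 4)
#define INFO_EXT      (1u << 5)
#define CAN_MAX_DATA  8u

/* Receive message as a driver would hand it to the caller; callers
 * typically declare one of these as a local variable on their stack. */
typedef struct {
    uint32_t id;
    bool     extended;
    bool     remote;
    uint8_t  size;               /* DLC exactly as the controller reported it */
    uint8_t  data[CAN_MAX_DATA]; /* fixed 8-byte payload buffer */
} can_rx_msg_t;

/* Vulnerable pattern: the loop bound comes straight from the DLC field.
 * A frame reporting DLC 15 makes this write 7 bytes past msg->data; when
 * msg is a local in the caller, that is a stack-based overflow (CWE-121).
 * Kept for comparison only; never call it with DLC > 8. */
size_t can_receive_unchecked(const rx_frame_regs_t *regs, can_rx_msg_t *msg)
{
    msg->id       = regs->id;
    msg->extended = (regs->info & INFO_EXT) != 0;
    msg->remote   = (regs->info & INFO_RTR) != 0;
    msg->size     = (uint8_t)(regs->info & INFO_DLC_MASK);
    for (size_t i = 0; i < msg->size; i++)
        msg->data[i] = regs->data[i];   /* no check against sizeof msg->data */
    return msg->size;
}

/* Number of bytes the unchecked loop would write past msg->data for a
 * given INFO value; lets a reviewer reason about a frame without
 * executing the overflow. */
size_t dlc_overrun_bytes(uint32_t info)
{
    uint32_t dlc = info & INFO_DLC_MASK;
    return dlc > CAN_MAX_DATA ? dlc - CAN_MAX_DATA : 0;
}

/* Hardened form: keep the raw DLC for the caller, but bound the copy by the
 * buffer size (classic CAN treats DLC 9..15 as 8 bytes), copy nothing for
 * remote frames, and zero the rest. Returns the bytes actually copied. */
size_t can_receive_checked(const rx_frame_regs_t *regs, can_rx_msg_t *msg)
{
    msg->id       = regs->id;
    msg->extended = (regs->info & INFO_EXT) != 0;
    msg->remote   = (regs->info & INFO_RTR) != 0;
    msg->size     = (uint8_t)(regs->info & INFO_DLC_MASK);

    size_t n = msg->size > CAN_MAX_DATA ? CAN_MAX_DATA : msg->size;
    if (msg->remote)
        n = 0;                          /* RTR frames carry no payload */
    for (size_t i = 0; i < n; i++)
        msg->data[i] = regs->data[i];
    for (size_t i = n; i < CAN_MAX_DATA; i++)
        msg->data[i] = 0;
    return n;
}

/* Constructed frame: DLC field set to 15 with 16 bytes behind it. */
static const rx_frame_regs_t oversized_frame = {
    .id   = 0x123,
    .info = 0x0F,
    .data = { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48,
              0xDE, 0xAD, 0xBE, 0xEF, 0xCA, 0xFE, 0xBA, 0xBE },
};

int main(void)
{
    can_rx_msg_t msg;
    printf("unchecked copy would overrun data[] by %zu bytes\n",
           dlc_overrun_bytes(oversized_frame.info));
    size_t n = can_receive_checked(&oversized_frame, &msg);
    printf("checked copy: DLC=%u, copied %zu bytes, last byte 0x%02X\n",
           (unsigned)msg.size, n, msg.data[CAN_MAX_DATA - 1]);
    return 0;
}
```

Clamping rather than rejecting keeps the driver compatible with controllers that pass the raw 4-bit field through, while the preserved msg->size still lets a caller log or reject frames whose DLC exceeds 8. Whatever the real SWM341 copy loop looks like, the review question is the same: is the number of bytes written into the message bounded by the destination's declared size, or only by a value that came off the bus?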

Affected Systems

RT‑Thread up to and including version 5.0.2 is affected; the CPE in this record (cpe:2.3:a:rt-thread:rt-thread:*) carries no version bound, so treat every 5.0.x and earlier build as in scope until a fixed release is identified. The vulnerable code resides under SWM341_CSL/CMSIS/DeviceSupport/SWM341.h in the Synwit SWM341 BSP, which implements CAN_Receive for SWM341-based devices. Any RT‑Thread build for that BSP with the CAN peripheral enabled carries the vulnerable code path; the record names only the SWM341 library, so other BSPs are not covered by it.

Risk and Exploitability

The CVSS v4.0 base score of 8.5 (High) reflects a local attack vector, low attack complexity, low privileges and no user interaction, with high impact on the confidentiality, integrity and availability of the device; the exploit-maturity field is P (proof of concept), matching the publicly released exploit. The EPSS score below 1 % means large‑scale exploitation is currently unlikely, which is expected for a flaw in one chip-specific embedded library, but a public exploit lowers the bar for targeted attacks. The vulnerability is not listed in the CISA KEV catalog. An attacker needs local access to the device's CAN bus (physical, or through an administrative foothold on a node that can transmit on it), so the exposure is confined to environments where the bus can be driven directly.

Generated by OpenCVE AI on July 5, 2026 at 00:33 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Track RT‑Thread releases and upgrade as soon as a version newer than 5.0.2 ships a corrected CAN_Receive; at the time of this entry the vendor had not responded and no fixed release is identified.
  • Until then, build the SWM341 BSP with the CAN peripheral disabled if the product does not need it, or patch the receive path locally so that no copy into the receive message buffer can exceed the buffer's declared size, whatever length the frame reports.
  • Restrict physical and administrative access to the device's CAN bus (the CVSS vector is AV:L), and monitor bus traffic for frames with malformed lengths or unexpected identifiers that could indicate an overflow attempt.

Advisories

No advisories yet.

History

Fri, 03 Jul 2026 20:00:00 +0000

Type / Values Removed / Values Added (this entry only adds values; nothing was removed)

  • Description: A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CAN_Receive in the library bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
  • Title: RT-Thread SWM341 CAN SWM341.h CAN_Receive stack-based overflow
  • First Time appeared: Rt-thread; Rt-thread rt-thread
  • Weaknesses: CWE-119; CWE-121
  • CPEs: cpe:2.3:a:rt-thread:rt-thread:*:*:*:*:*:*:*:*
  • Vendors & Products: Rt-thread; Rt-thread rt-thread
  • References: (empty)
  • Metrics:
      cvssV2_0: {'score': 6.8, 'vector': 'AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
      cvssV3_0: {'score': 7.8, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
      cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
      cvssV4_0: {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-07-03T19:30:08.022Z

Reserved: 2026-07-03T13:51:36.756Z

Link: CVE-2026-14606

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-07-05T00:45:04Z

Weaknesses
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-121: Stack-based Buffer Overflow