Impact
The vulnerability is an off‑by‑one out‑of‑bounds array access in the searchForPgn() routine of CANBoat. This flaw allows attackers to crash the application, resulting in a denial of service to the CAN‑bus interface and any dependent systems. The weakness is classified as CWE‑193, indicating a classic off‑by‑one error.
Affected Systems
CANBoat versions up to and including 6.22 are affected. The problem exists in the analyzer/pgn.c component of the software. A fix is provided in the commit a5a22b74b9ace which addresses the buffer overflow.
Risk and Exploitability
The CVSS score of 7 indicates noteworthy severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Attackers can trigger the crash remotely by sending a crafted NMEA‑2000 message with an out‑of‑range PGN value over CAN bus or N2K‑over‑IP. The attack requires network access to the CAN‑bus interface, but does not require special credentials.
OpenCVE Enrichment