Metrics
Affected Vendors & Products
Fri, 03 Oct 2025 15:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Meshtastic meshtastic Firmware | |
| CPEs | cpe:2.3:o:meshtastic:meshtastic_firmware:*:*:*:*:*:*:*:* | |
| Vendors & Products | Meshtastic meshtastic Firmware | 
Tue, 22 Apr 2025 08:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | ssvc 
 | 
Tue, 15 Apr 2025 14:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Mon, 14 Apr 2025 23:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel. This vulnerability fixed in 2.6.2. | |
| Title | Meshtastic incorrectly hands malformed packets leads to controlled buffer overflow | |
| Weaknesses | CWE-119 CWE-122 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: GitHub_M
Published: 2025-04-14T23:25:19.152Z
Updated: 2025-04-21T14:10:47.019Z
Reserved: 2025-01-23T17:11:35.838Z
Link: CVE-2025-24797
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-04-15T02:55:49.194Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-04-15T00:15:14.353
Modified: 2025-10-03T15:31:58.283
Link: CVE-2025-24797
 Redhat
                        Redhat
                    No data.