VYPR
Medium severity5.4NVD Advisory· Published Jul 9, 2025· Updated Apr 15, 2026

CVE-2025-49604

CVE-2025-49604

Description

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Ameba IoT/Ameba Rtos Dinferred2 versions
    <c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a+ 1 more
    • (no CPE)range: <c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a
    • (no CPE)range: before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a
  • Range: <3.1.9

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.