We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-6693

RT-Thread device.c sys_device_write memory corruption



Description

EN DE

A vulnerability, which was classified as critical, was found in RT-Thread up to 5.1.0. This affects the function sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write of the file components/drivers/core/device.c. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way.

Es wurde eine kritische Schwachstelle in RT-Thread bis 5.1.0 gefunden. Betroffen hiervon ist die Funktion sys_device_open/sys_device_read/sys_device_control/sys_device_init/sys_device_close/sys_device_write der Datei components/drivers/core/device.c. Durch Manipulieren mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen.

Reserved 2025-06-26 | Published 2025-06-26 | Updated 2025-06-26 | Assigner VulDB


HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X
HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R
HIGH: 7.8CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R
6.8AV:L/AC:L/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR

Problem types

Memory Corruption

Timeline

2025-06-26:Advisory disclosed
2025-06-26:VulDB entry created
2025-06-26:VulDB entry last update

Credits

Zephyr Saxon (VulDB User) reporter

References

vuldb.com/?id.313959 (VDB-313959 | RT-Thread device.c sys_device_write memory corruption) vdb-entry technical-description

vuldb.com/?ctiid.313959 (VDB-313959 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/?submit.595813 (Submit #595813 | RT-Thread 5.1.0 Code Injection) third-party-advisory

vuldb.com/?submit.595814 (Submit #595814 | RT-Thread 5.1.0 Insufficient Control Flow Management (Duplicate)) third-party-advisory

vuldb.com/?submit.595827 (Submit #595827 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)) third-party-advisory

vuldb.com/?submit.595869 (Submit #595869 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)) third-party-advisory

vuldb.com/?submit.595870 (Submit #595870 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)) third-party-advisory

vuldb.com/?submit.595871 (Submit #595871 | RT-Thread 5.1.0 Improper Handling of Parameters (Duplicate)) third-party-advisory

github.com/RT-Thread/rt-thread/issues/10387 issue-tracking

cve.org (CVE-2025-6693)

nvd.nist.gov (CVE-2025-6693)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-6693

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.