{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/rt-thread--5.0.2/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-14606"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["RT-Thread \u003c= 5.0.2"],"_cs_severities":["high"],"_cs_tags":["vulnerability","buffer-overflow","RT-Thread","IoT","ICS","embedded-systems"],"_cs_type":"advisory","_cs_vendors":["RT-Thread"],"content_html":"\u003cp\u003eA critical security flaw, identified as CVE-2026-14606, has been discovered within versions of RT-Thread up to and including 5.0.2. This vulnerability specifically impacts the \u003ccode\u003eCAN_Receive\u003c/code\u003e function, located in the \u003ccode\u003ebsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h\u003c/code\u003e library, which is part of the SWM341 CAN Handler component. Attackers can trigger a stack-based buffer overflow by performing a specific manipulation, which requires local access to the affected device. While local access is a prerequisite, the exploit code has been publicly released, significantly lowering the bar for malicious actors to leverage this flaw. The vendor, RT-Thread, was reportedly notified prior to public disclosure but has not yet provided a response or patch. This vulnerability is significant for organizations using RT-Thread in embedded systems, particularly in IoT and industrial control environments, as successful exploitation could lead to arbitrary code execution or denial of service.\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-14606 would result in a stack-based buffer overflow, potentially leading to arbitrary code execution or a denial of service on affected RT-Thread devices. Given that the vulnerability requires local access, the primary risk lies in scenarios where an attacker has already compromised the device through other means or has physical access. The public availability of exploit code increases the likelihood of widespread exploitation once initial access is gained. Organizations utilizing RT-Thread in critical infrastructure, IoT deployments, or embedded systems could face severe operational disruptions, data compromise, or loss of device integrity if these systems are compromised. The lack of a vendor response further exacerbates the risk, leaving users without an official patch.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2026-14606 immediately once a vendor-supplied update for RT-Thread \u0026lt;= 5.0.2 becomes available.\u003c/li\u003e\n\u003cli\u003eReview and restrict local access privileges to devices running affected RT-Thread versions to mitigate the risk of local exploitation of CVE-2026-14606.\u003c/li\u003e\n\u003cli\u003eImplement strong access controls and physical security measures for devices where local access could lead to compromise via CVE-2026-14606.\u003c/li\u003e\n\u003cli\u003eContinuously monitor for any unauthorized process execution or system instability on RT-Thread devices that might indicate exploitation of CVE-2026-14606.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T20:24:37Z","date_published":"2026-07-03T20:24:37Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14606-rt-thread/","summary":"A stack-based buffer overflow vulnerability (CVE-2026-14606) exists in RT-Thread versions up to 5.0.2, specifically in the `CAN_Receive` function of the SWM341 CAN Handler component, allowing for local exploitation via manipulation, with a public exploit available.","title":"CVE-2026-14606 — Stack-Based Buffer Overflow in RT-Thread CAN_Receive","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14606-rt-thread/"}],"language":"en","title":"CraftedSignal Threat Feed - RT-Thread \u003c= 5.0.2","version":"https://jsonfeed.org/version/1.1"}