{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/embedded-systems/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-14606"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["RT-Thread \u003c= 5.0.2"],"_cs_severities":["high"],"_cs_tags":["vulnerability","buffer-overflow","RT-Thread","IoT","ICS","embedded-systems"],"_cs_type":"advisory","_cs_vendors":["RT-Thread"],"content_html":"\u003cp\u003eA critical security flaw, identified as CVE-2026-14606, has been discovered within versions of RT-Thread up to and including 5.0.2. This vulnerability specifically impacts the \u003ccode\u003eCAN_Receive\u003c/code\u003e function, located in the \u003ccode\u003ebsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h\u003c/code\u003e library, which is part of the SWM341 CAN Handler component. Attackers can trigger a stack-based buffer overflow by performing a specific manipulation, which requires local access to the affected device. While local access is a prerequisite, the exploit code has been publicly released, significantly lowering the bar for malicious actors to leverage this flaw. The vendor, RT-Thread, was reportedly notified prior to public disclosure but has not yet provided a response or patch. This vulnerability is significant for organizations using RT-Thread in embedded systems, particularly in IoT and industrial control environments, as successful exploitation could lead to arbitrary code execution or denial of service.\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-14606 would result in a stack-based buffer overflow, potentially leading to arbitrary code execution or a denial of service on affected RT-Thread devices. Given that the vulnerability requires local access, the primary risk lies in scenarios where an attacker has already compromised the device through other means or has physical access. The public availability of exploit code increases the likelihood of widespread exploitation once initial access is gained. Organizations utilizing RT-Thread in critical infrastructure, IoT deployments, or embedded systems could face severe operational disruptions, data compromise, or loss of device integrity if these systems are compromised. The lack of a vendor response further exacerbates the risk, leaving users without an official patch.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2026-14606 immediately once a vendor-supplied update for RT-Thread \u0026lt;= 5.0.2 becomes available.\u003c/li\u003e\n\u003cli\u003eReview and restrict local access privileges to devices running affected RT-Thread versions to mitigate the risk of local exploitation of CVE-2026-14606.\u003c/li\u003e\n\u003cli\u003eImplement strong access controls and physical security measures for devices where local access could lead to compromise via CVE-2026-14606.\u003c/li\u003e\n\u003cli\u003eContinuously monitor for any unauthorized process execution or system instability on RT-Thread devices that might indicate exploitation of CVE-2026-14606.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T20:24:37Z","date_published":"2026-07-03T20:24:37Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14606-rt-thread/","summary":"A stack-based buffer overflow vulnerability (CVE-2026-14606) exists in RT-Thread versions up to 5.0.2, specifically in the `CAN_Receive` function of the SWM341 CAN Handler component, allowing for local exploitation via manipulation, with a public exploit available.","title":"CVE-2026-14606 — Stack-Based Buffer Overflow in RT-Thread CAN_Receive","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14606-rt-thread/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-14605"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["RT-Thread (up to 5.0.2)"],"_cs_severities":["high"],"_cs_tags":["rt-thread","buffer-overflow","cve","local-exploitation","embedded-systems"],"_cs_type":"advisory","_cs_vendors":["RT-Thread"],"content_html":"\u003cp\u003eA critical stack-based buffer overflow vulnerability, identified as CVE-2026-14605, has been discovered in RT-Thread, an open-source real-time operating system, affecting versions up to 5.0.2. The flaw resides specifically within the \u003ccode\u003erecvmsg\u003c/code\u003e function in the \u003ccode\u003ebsp/loongson/ls1cdev/libraries/ls1c_can.h\u003c/code\u003e library, part of the \u003ccode\u003els1c CAN Handler\u003c/code\u003e component. Exploitation of this vulnerability necessitates local access to the affected system, meaning an attacker must already have a foothold on the device. A public exploit for this vulnerability is available, increasing the likelihood of its use by malicious actors. The vendor, RT-Thread, was contacted regarding this disclosure but has not provided a response, leaving affected systems at risk. This vulnerability poses a significant threat to the confidentiality, integrity, and availability of systems utilizing affected RT-Thread versions.\u003c/p\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-14605, a stack-based buffer overflow, could lead to a complete compromise of the affected RT-Thread system. With high impact on confidentiality, integrity, and availability (CVSS 3.1 Base Score 7.8), attackers could potentially execute arbitrary code with elevated privileges, gain full control over the embedded device, or cause system instability and denial of service. Since RT-Thread is commonly used in embedded systems and IoT devices, successful exploitation could have severe consequences ranging from data exfiltration and intellectual property theft to physical disruption of critical infrastructure or industrial control systems.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately patch or update RT-Thread installations to a version beyond 5.0.2 to remediate CVE-2026-14605.\u003c/li\u003e\n\u003cli\u003eRestrict local access to all devices running affected RT-Thread versions as exploitation of CVE-2026-14605 requires local access.\u003c/li\u003e\n\u003cli\u003eMonitor for any unusual activity or process behavior on devices running RT-Thread, especially after any local access event, given the public availability of an exploit for CVE-2026-14605.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-03T20:23:58Z","date_published":"2026-07-03T20:23:58Z","id":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14605-rt-thread-bo/","summary":"A stack-based buffer overflow vulnerability (CVE-2026-14605) exists in the `recvmsg` function of the `ls1c CAN Handler` component within RT-Thread up to version 5.0.2, requiring local access for exploitation and having a publicly available exploit, potentially leading to high impact on confidentiality, integrity, and availability.","title":"CVE-2026-14605: RT-Thread Stack-based Buffer Overflow","url":"https://feed.craftedsignal.io/briefs/2026-07-cve-2026-14605-rt-thread-bo/"}],"language":"en","title":"CraftedSignal Threat Feed - Embedded-Systems","version":"https://jsonfeed.org/version/1.1"}