CVE-2025-49604

Published: Jul 9, 2025

Modified: Sep 22, 2025

PUBLISHED

Description

For Realtek AmebaD devices, a heap-based buffer overflow was discovered in Ameba-AIoT ameba-arduino-d before version 3.1.9 and ameba-rtos-d before commit c2bfd8216a1cbc19ad2ab5f48f372ecea756d67a on 2025/07/03. In the WLAN driver defragment function, lack of validation of the size of fragmented Wi-Fi frames may lead to a heap-based buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/Ameba-AIoT/ameba-arduino-d/releases/tag/V3.1.9

https://github.com/Ameba-AIoT/ameba-arduino-d/pull/281

https://www.amebaiot.com/en/security-bulletin-cve-2025-49604/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-49604

Description

Affected Products

References