CVE-2025-47869
BaseFortify
Publication date: 2025-06-16
Last updated on: 2025-06-17
Assigner: Apache Software Foundation
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Affected version range |
|---|---|---|
| apache | nuttx | 6.22 (inclusive) up to 12.9.0 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in the apps/examples/xmlrpc example application shipped with Apache NuttX RTOS. The example stored remotely supplied XML-RPC string parameters in a device stats structure whose fields had hardcoded sizes. Because those sizes were chosen by hand rather than tied to the maximum string length the XML-RPC decoder can hand back, a parameter longer than a field overran it (CWE-119), corrupting adjacent memory and potentially causing crashes or other unexpected behaviour. The fix sizes the fields from the configurable macro CONFIG_XMLRPC_STRINGSIZE + 1 (the decoder's string limit plus room for the terminating NUL), so any parameter the decoder accepts is guaranteed to fit. [1, 2]
How can this vulnerability impact me?
If you run, or have based your own code on, the XML-RPC example application from Apache NuttX RTOS versions 6.22 up to but not including 12.9.0, a remote client can trigger a buffer overflow simply by sending an over-long string parameter. The consequences range from application crashes and unexpected behaviour to memory corruption that an attacker may be able to build on. Updating to version 12.9.0 or later, and adjusting the buffer sizes in any derived code as recommended, removes the risk. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection is a source and build-configuration review rather than a network scan. Check whether your codebase includes the XML-RPC example application from Apache NuttX RTOS versions 6.22 up to but not including 12.9.0, and look for hardcoded string buffer sizes in the device stats structure in calls.c. Then compare those sizes against the build-time symbols that govern the decoder, CONFIG_XMLRPC_STRINGSIZE and EXAMPLES_XMLRPC_BUFFERSIZE, as set in your build configuration (for example via menuconfig): any field smaller than CONFIG_XMLRPC_STRINGSIZE + 1 bytes is vulnerable. Building and running the example on a development board (such as an ESP32) with your configuration can confirm which sizes are actually compiled in. No network-level detection commands are provided for this issue. [2]
What immediate steps should I take to mitigate this vulnerability?
The immediate step is to upgrade Apache NuttX RTOS to version 12.9.0 or later, where the fix is included. If you maintain code derived from the XML-RPC example and cannot upgrade yet, apply the same change yourself: replace the hardcoded sizes of the string fields in the device stats structure with CONFIG_XMLRPC_STRINGSIZE + 1, matching the fixed version in release 12.9.0. Rebuild with the updated configuration and verify that the example compiles and behaves correctly at runtime, including when it receives parameters at the maximum permitted length. [1, 2]