CVE-2025-5688 HIGH

CVE-2025-5688: Out of Bounds Write in FreeRTOS-Plus-TCP

Vendor Amazon
Product FreeRTOS
Weakness CWE-787
Published June 4, 2025
Last update October 14, 2025

CVSS base score

7.5/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01 Description

We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.

Key dates

02 Disclosure timeline

June 4, 2025 CVE published
October 14, 2025 Record updated