CVE-2021-3625

CRITICAL

Zephyr 2.5.0-2.6.9 - Heap-based Buffer Overflow in USB DFU DNLOAD

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-3625. PoCs published by szymonh.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2021-3625, a buffer overflow vulnerability in Zephyr-based USB devices up to version 2.5.0. The exploits demonstrate memory readout and buffer overflow write via crafted USB control transfer requests.

Description

Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363

Exploits (1)

nomisec WORKING POC 7 stars

by szymonh · poc

https://github.com/szymonh/zephyr_cve-2021-3625

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2021-3625, a buffer overflow vulnerability in Zephyr-based USB devices up to version 2.5.0. The exploits demonstrate memory readout and buffer overflow write via crafted USB control transfer requests.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Zephyr-based USB devices up to and including version 2.5.0

No auth needed

Prerequisites: Physical or logical access to the USB device · Libusb with increased MAX_CTRL_BUFFER_LENGTH

MITRE ATT&CK

T1006 - Direct Volume Access T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363

Scores

CVSS v3 9.6

EPSS 0.0227

EPSS Percentile 80.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

Details

CWE

CWE-122 CWE-787

Status published

Products (1)

zephyrproject/zephyr 2.5.0 - 2.7.0

Published Oct 05, 2021

Tracked Since Feb 18, 2026