CVE-2025-5688

HIGH

Amazon FreeRTOS 2.3.4-4.3.2 - Out-of-bounds Write via LLMNR or mDNS Query Processing


Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-5688. PoCs published by mbanyamer.

AI-analyzed exploit summary: The repository contains a functional Python exploit for CVE-2025-5688, targeting an out-of-bounds write vulnerability in FreeRTOS-Plus-TCP's LLMNR/mDNS name parsing. The exploit crafts a malicious DNS query with an excessively long name to trigger memory corruption, leading to DoS or potential RCE.

Description

We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.

Exploits (1)

nomisec WORKING POC
by mbanyamer · poc
https://github.com/mbanyamer/CVE-2025-5688-FreeRTOS-Plus-TCP-Out-of-Bounds-Write

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: FreeRTOS-Plus-TCP <= 4.3.1
No auth needed
Prerequisites: Target device on same LAN · LLMNR or mDNS enabled · Buffer Allocation Scheme 1
devstral-2 · analyzed Feb 26, 2026

Scores

CVSS v4 7.5
EPSS 0.0031
EPSS Percentile 22.0%
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-787
Status published
Products (1)
Amazon/FreeRTOS 2.3.4 - 4.3.2
Published Jun 04, 2025
Tracked Since Feb 18, 2026