CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Issue with FreeRTOS-Plus-TCP - IPv6 Router Advertisement Memory Safety Issues

unknownCVE-2026-7425CVE-2026-7426
Bulletin ID: 2026-023-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/04/29 12:30 PM PDT Description: FreeRTOS-Plus-TCP is an open source TCP/IP stack implementation designed for FreeRTOS, providing a standard Berkeley sockets interface and support for essential networking protocols including IPv6, ARP, DHCP, DNS, and Router Advertisement (RA). We identified CVE-2026-7425 and CVE-2026-7426, one of them being out-of-bounds read and another one being out-of-bounds write issues respectively in the IPv6 Router Advertisement option parser where insufficient validation of length fields allows memory operations without proper bounds checking. Either issue can be exploited by any device on the local network that can send crafted Router Advertisement packets. No authentication or user interaction is required. Impacted versions: >=V4.0.0 AND <=V4.2.5, >=V4.3.0 AND <=V4.4.0 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.

CSIRTS triage

vendor: Amazonproduct: FreeRTOS-Plus-TCPMemory corruptionaffected: >=V4.0.0 AND <=V4.2.5, >=V4.3.0 AND <=V4.3.1
What
Out-of-bounds read and write issues in the IPv6 Router Advertisement option parser.
Who is affected
Devices on the local network using FreeRTOS-Plus-TCP within the specified version range.
Urgency
Remediation is important due to the potential for memory corruption exploits.
Action
Update to a version of FreeRTOS-Plus-TCP outside the affected range.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch FreeRTOS-Plus-TCP

Get an email when a new FreeRTOS-Plus-TCP advisory drops — max one per day, one-click unsubscribe.

Details

Source
AWS Security Bulletins (INTL · vendor-psirt · site)
Severity
unknown
Published
2026-06-05
Exploitation
Not in CISA KEV at last sync

Original advisory: https://aws.amazon.com/security/security-bulletins/rss/2026-023-aws/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-7425coverage & exploitation statusNVD · CVE.org
CVE-2026-7426coverage & exploitation statusNVD · CVE.org

More from AWS Security Bulletins