MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet...

6.5 / 10

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Description

Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint.

To mitigate this issue, users should upgrade to the fixed version when available.

Basic Information

ID CVE-2026-7422

Source AMZN

Published Apr 29, 2026 at 18:35

Modified Apr 29, 2026 at 19:07

Affected Product

Vendor AWS

Product FreeRTOS-Plus-TCP

Version 4.0.0

Affected Versions AWS FreeRTOS-Plus-TCP 4.0.0
AWS FreeRTOS-Plus-TCP 4.3.0

CWE Classification

CWE-290

References

{
    "lastseen": "",
    "description": "Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the loopback detection mechanism skips all input validation for packets whose source MAC matches a local endpoint.\n\n\n\nTo mitigate this issue, users should upgrade to the fixed version when available.",
    "published": "2026-04-29T18:35:33.797Z",
    "modified": "2026-04-29T19:07:31.899Z",
    "type": "cve",
    "title": "MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing",
    "source": "AMZN",
    "references": "https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.4.1\nhttps://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.2.6\nhttps://aws.amazon.com/security/security-bulletins/2026-021-aws/\nhttps://github.com/FreeRTOS/FreeRTOS-Plus-TCP/security/advisories/GHSA-jpw4-6h59-62w9",
    "id": "CVE-2026-7422",
    "bulletinFamily": "",
    "cwe": [
        "CWE-290"
    ],
    "cvelist": null,
    "sourceData": "AWS FreeRTOS-Plus-TCP 4.0.0\nAWS FreeRTOS-Plus-TCP 4.3.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FreeRTOS-Plus-TCP",
    "version": "4.0.0",
    "vendor": "AWS",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

MAC Address Validation Bypass in FreeRTOS-Plus-TCP IPv4 and IPv6 Packet Processing_CVE-2026-7422