CVE Details
Basic Information
| Title | uYanki board-stm32f103rc-berial heartrate1_hal.c heartrate1_i2c_hal_write stack-based overflow |
|---|---|
| Type | cve |
| Published | 2025-06-15T22:00:12.638Z |
| Last Seen |
Product Information
| Vendor | uYanki |
|---|---|
| Product | board-stm32f103rc-berial |
| Version | 84daed541609cb7b46854cc6672a275d1007e295 |
CVSS Information
| Base Score | 5.1 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical stack-based buffer overflow vulnerability exists in the `heartrate1_i2c_hal_write` function of the uYanki board-stm32f103rc-berial firmware. This flaw allows attackers to execute arbitrary code by manipulating the `num` argument, potentially leading to system compromise. The product uses continuous delivery with rolling releases, so no specific affected versions are available. |
|---|---|
| AI Severity | Medium |
| Vendor | uYanki |
| Product | board-stm32f103rc-berial |
| Affected Version | up to 84daed541609cb7b46854cc6672a275d1007e295 |
Affected Products
- uYanki board-stm32f103rc-berial 84daed541609cb7b46854cc6672a275d1007e295
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-121, CWE-119 |
| Bulletin Family |
References
Description
A vulnerability classified as critical was found in uYanki board-stm32f103rc-berial up to 84daed541609cb7b46854cc6672a275d1007e295. This vulnerability affects the function heartrate1_i2c_hal_write of the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The manipulation of the argument num leads to stack-based buffer overflow. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.