{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T19:42:10.161","vulnerabilities":[{"cve":{"id":"CVE-2025-69209","sourceIdentifier":"security-advisories@github.com","published":"2026-01-21T20:16:10.280","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large `decimalPlaces` values to the affected String constructors or concat methods, the `dtostrf` function writes beyond fixed-size stack buffers, causing memory corruption and denial of service. Under specific conditions, this could enable arbitrary code execution on AVR-based Arduino boards.\n\n### Patches\n\n- The Fix is included starting from the `1.8.7` release available from the following link [ArduinoCore-avr v1.8.7](https://github.com/arduino/ArduinoCore-avr)\n\n- The Fixing Commit is available at the following link [1a6a417f89c8901dad646efce74ae9d3ddebfd59](https://github.com/arduino/ArduinoCore-avr/pull/613/commits/1a6a417f89c8901dad646efce74ae9d3ddebfd59)\n\n### References\n\n- [ASEC-26-001 ArduinoCore-avr vXXXX Resolves Buffer Overflow Vulnerability](https://support.arduino.cc/hc/en-us/articles/XXXXX)\n\n### Credits\n\n- Maxime Rossi Bellom and Ramtine Tofighi Shirazi from SecMate (https://secmate.dev/)"},{"lang":"es","value":"ArduinoCore-avr contiene el código fuente y los archivos de configuración de la plataforma Arduino AVR Boards. Una vulnerabilidad en versiones anteriores a la 1.8.7 permite a un atacante activar un desbordamiento de búfer basado en pila al convertir valores de punto flotante a cadenas con alta precisión. Al pasar valores `decimalPlaces` muy grandes a los constructores de String o métodos concat afectados, la función `dtostrf` escribe más allá de los búferes de pila de tamaño fijo, causando corrupción de memoria y denegación de servicio. Bajo condiciones específicas, esto podría permitir la ejecución de código arbitrario en placas Arduino basadas en AVR.\n\n### Parches\n\n- La solución está incluida a partir de la versión `1.8.7` disponible en el siguiente enlace [ArduinoCore-avr v1.8.7](https://github.com/arduino/ArduinoCore-avr)\n\n- El commit de la solución está disponible en el siguiente enlace [1a6a417f89c8901dad646efce74ae9d3ddebfd59](https://github.com/arduino/ArduinoCore-avr/pull/613/commits/1a6a417f89c8901dad646efce74ae9d3ddebfd59)\n\n### Referencias\n\n- [ASEC-26-001 ArduinoCore-avr vXXXX Resuelve la vulnerabilidad de desbordamiento de búfer](https://support.arduino.cc/hc/en-us/articles/XXXXX)\n\n### Créditos\n\n- Maxime Rossi Bellom y Ramtine Tofighi Shirazi de SecMate (https://secmate.dev/)"}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"references":[{"url":"https://github.com/arduino/ArduinoCore-avr/commit/82a8ad2fb33911d8927c7af22e0472b94325d1a7","source":"security-advisories@github.com"},{"url":"https://github.com/arduino/ArduinoCore-avr/pull/613","source":"security-advisories@github.com"},{"url":"https://github.com/arduino/ArduinoCore-avr/releases/tag/1.8.7","source":"security-advisories@github.com"},{"url":"https://github.com/arduino/ArduinoCore-avr/security/advisories/GHSA-pvx3-fm7w-6hjm","source":"security-advisories@github.com"},{"url":"https://support.arduino.cc/hc/en-us/articles/24985906702748-ASEC-26-001-ArduinoCore-AVR-v1-8-7-Resolves-Stack-Based-Buffer-Overflow-Vulnerability","source":"security-advisories@github.com"}]}}]}