Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-22214

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _handle_char() function, where incoming frame bytes are appended to a fixed-size stack buffer without verifying that the current write index remains within bounds. An attacker capable of sending crafted serial or TCP-framed input can cause the current write index to exceed the buffer size, resulting in a write past the end of the stack buffer. This condition leads to memory corruption and application crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.5%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-22214
  • Riot-Os » Riot » Version: 2013.08
    cpe:2.3:o:riot-os:riot:2013.08
  • Riot-Os » Riot » Version: 2014.01
    cpe:2.3:o:riot-os:riot:2014.01
  • Riot-Os » Riot » Version: 2014.05
    cpe:2.3:o:riot-os:riot:2014.05
  • Riot-Os » Riot » Version: 2014.12
    cpe:2.3:o:riot-os:riot:2014.12
  • Riot-Os » Riot » Version: 2015.09
    cpe:2.3:o:riot-os:riot:2015.09
  • Riot-Os » Riot » Version: 2015.12
    cpe:2.3:o:riot-os:riot:2015.12
  • Riot-Os » Riot » Version: 2016.04
    cpe:2.3:o:riot-os:riot:2016.04
  • Riot-Os » Riot » Version: 2016.07
    cpe:2.3:o:riot-os:riot:2016.07
  • Riot-Os » Riot » Version: 2016.10
    cpe:2.3:o:riot-os:riot:2016.10
  • Riot-Os » Riot » Version: 2017.01
    cpe:2.3:o:riot-os:riot:2017.01
  • Riot-Os » Riot » Version: 2017.04
    cpe:2.3:o:riot-os:riot:2017.04
  • Riot-Os » Riot » Version: 2017.07
    cpe:2.3:o:riot-os:riot:2017.07
  • Riot-Os » Riot » Version: 2017.10
    cpe:2.3:o:riot-os:riot:2017.10
  • Riot-Os » Riot » Version: 2018.01
    cpe:2.3:o:riot-os:riot:2018.01
  • Riot-Os » Riot » Version: 2018.04
    cpe:2.3:o:riot-os:riot:2018.04
  • Riot-Os » Riot » Version: 2018.07
    cpe:2.3:o:riot-os:riot:2018.07
  • Riot-Os » Riot » Version: 2018.10
    cpe:2.3:o:riot-os:riot:2018.10
  • Riot-Os » Riot » Version: 2018.10.1
    cpe:2.3:o:riot-os:riot:2018.10.1
  • Riot-Os » Riot » Version: 2019.01
    cpe:2.3:o:riot-os:riot:2019.01
  • Riot-Os » Riot » Version: 2019.04
    cpe:2.3:o:riot-os:riot:2019.04
  • Riot-Os » Riot » Version: 2019.07
    cpe:2.3:o:riot-os:riot:2019.07
  • Riot-Os » Riot » Version: 2019.10
    cpe:2.3:o:riot-os:riot:2019.10
  • Riot-Os » Riot » Version: 2020.01
    cpe:2.3:o:riot-os:riot:2020.01
  • Riot-Os » Riot » Version: 2020.01.1
    cpe:2.3:o:riot-os:riot:2020.01.1
  • Riot-Os » Riot » Version: 2020.04
    cpe:2.3:o:riot-os:riot:2020.04
  • Riot-Os » Riot » Version: 2021.01
    cpe:2.3:o:riot-os:riot:2021.01
  • Riot-Os » Riot » Version: 2021.04
    cpe:2.3:o:riot-os:riot:2021.04
  • Riot-Os » Riot » Version: 2021.07
    cpe:2.3:o:riot-os:riot:2021.07
  • Riot-Os » Riot » Version: 2021.10
    cpe:2.3:o:riot-os:riot:2021.10
  • Riot-Os » Riot » Version: 2022.01
    cpe:2.3:o:riot-os:riot:2022.01
  • Riot-Os » Riot » Version: 2022.04
    cpe:2.3:o:riot-os:riot:2022.04
  • Riot-Os » Riot » Version: 2022.07
    cpe:2.3:o:riot-os:riot:2022.07
  • Riot-Os » Riot » Version: 2022.10
    cpe:2.3:o:riot-os:riot:2022.10
  • Riot-Os » Riot » Version: 2023.01
    cpe:2.3:o:riot-os:riot:2023.01
  • Riot-Os » Riot » Version: 2023.04
    cpe:2.3:o:riot-os:riot:2023.04
  • Riot-Os » Riot » Version: 2023.07
    cpe:2.3:o:riot-os:riot:2023.07
  • Riot-Os » Riot » Version: 2023.10
    cpe:2.3:o:riot-os:riot:2023.10
  • Riot-Os » Riot » Version: 2024.01
    cpe:2.3:o:riot-os:riot:2024.01
  • Riot-Os » Riot » Version: 2024.04
    cpe:2.3:o:riot-os:riot:2024.04
  • Riot-Os » Riot » Version: 2024.07
    cpe:2.3:o:riot-os:riot:2024.07
  • Riot-Os » Riot » Version: 2024.10
    cpe:2.3:o:riot-os:riot:2024.10
  • Riot-Os » Riot » Version: 2025.01
    cpe:2.3:o:riot-os:riot:2025.01
  • Riot-Os » Riot » Version: 2025.04
    cpe:2.3:o:riot-os:riot:2025.04
  • Riot-Os » Riot » Version: 2025.07
    cpe:2.3:o:riot-os:riot:2025.07
  • Riot-Os » Riot » Version: 2026.01
    cpe:2.3:o:riot-os:riot:2026.01


Products
Pricing
Contact Us

Shodan ® - All rights reserved