top of page
perceptive_background_267k.jpg

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Tr…

Published:

30 april 2026 om 22:00:00

Alert date:

1 mei 2026 om 21:01:21

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Critical Infrastructure

Integer underflow vulnerability in Open-SAE-J1939 library through commit b6caf884df46435e539b1ecbf92b6c29b345bdfe dated 2025-11-30. The vulnerability exists in the SAE_J1939_Read_Transport_Protocol_Data_Transfer function and allows attackers to write to arbitrary memory locations. Exploitation occurs through crafted sequence numbers transmitted via CAN frames. This affects automotive and industrial systems using the SAE J1939 communication protocol. The vulnerability could potentially allow remote code execution or system compromise in affected CAN-based networks.

Technical details

Mitigation steps:

Affected products:

Open-SAE-J1939

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-37534
https://gist.github.com/sgInnora/f4ac66faeefe07a653ceeb3f58cdc381
https://github.com/DanielMartensson/Open-SAE-J1939

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page