Stack-Based Buffer Overflow in uYanki Board by Vendor
CVE-2025-6093

5.1MEDIUM

Key Information:

Vendor: Uyanki
Status: Board-stm32f103rc-berial
Vendor: CVE Published:; 15 June 2025

What is CVE-2025-6093?

A stack-based buffer overflow vulnerability exists in the uYanki board-stm32f103rc-berial, specifically within the heartrate1_i2c_hal_write function of the file 7.Example/hal/i2c/max30100/Manual/demo2/2/heartrate1_hal.c. The issue arises from improper handling of the argument 'num', which can be manipulated to trigger the overflow. Since the product utilizes continuous delivery and rolling releases, specific version information regarding the affected and updated releases is not provided.

Affected Version(s)

board-stm32f103rc-berial 84daed541609cb7b46854cc6672a275d1007e295

References

https://vuldb.com/?id.312562

vdb-entrytechnical-description

https://vuldb.com/?ctiid.312562

signaturepermissions-required

https://vuldb.com/?submit.588106

third-party-advisory

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 15, 2025
Vulnerability Reserved
Jun 15, 2025

Credit

ybdesire (VulDB User)