Out-of-Bounds Read Vulnerability in BACnet Stack by BACnet
CVE-2026-41503

8.7HIGH

Key Information:

Vendor: Bacnet-stack
Status: Bacnet-stack
Vendor: CVE Published:; 24 April 2026

🔔 Create Bacnet-stack Vulnerability Alert

What is CVE-2026-41503?

BACnet Stack, an open source protocol stack for embedded systems, is susceptible to an out-of-bounds read vulnerability in its ReadPropertyMultiple service. This vulnerability allows unauthenticated remote attackers to exceed allocated buffer boundaries by sending a crafted RPM request containing a truncated property list. Specifically, the vulnerability arises from the rpm_decode_object_property() function, which calls a deprecated decoding method that fails to limit buffer length. As a consequence, this may lead to crashes on devices utilizing BACnet/IP when receiving a specially designed packet. The issue has been addressed in version 1.4.3.

Affected Version(s)

bacnet-stack >= 1.4.0, < 1.4.3

References

https://github.com/bacnet-stack/bacnet-stack/security/adv...

x_refsource_CONFIRM

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2026
Vulnerability Reserved
Apr 20, 2026

CVE-2026-41503 Data

JSON