CVE-2026-42469:
A buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) version 3.3.005 allows remote attackers to cause denial of service or execute arbitrary code via crafted CANswitch frames due to improper validation of DLC values in canformat_canswitch.cpp.
Score
A numerical rating that indicates how dangerous this vulnerability is.
8.6High- Published Date:May 1, 2026
- CISA KEV Date:*No Data*
- Industries Affected:20
Threat Predictions
- EPSS Score:0.1
- EPSS Percentile:34%
Exploitability
- Score:3.9
- Attack Vector:NETWORK
- Attack Complexity:LOW
- Privileges Required:NONE
- User Interaction:NONE
- Scope:UNCHANGED
Impact
- Score:4.7
- Confidentiality Impact:LOW
- Integrity Impact:LOW
- Availability Impact:HIGH
Description Preview
A buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) version 3.3.005 allows remote attackers to cause denial of service or execute arbitrary code via crafted CANswitch frames due to improper validation of DLC values in canformat_canswitch.cpp.
Overview
CVE-2026-42469 affects Open Vehicle Monitoring System 3 (OVMS3) version 3.3.005, an open-source vehicle telemetry platform. The vulnerability is a stack-based buffer overflow located in the CANswitch frame parsing logic within `canformat_canswitch.cpp`. The parser does not enforce proper bounds checking on the DLC (Data Length Code) field of incoming CANswitch frames, allowing an attacker to supply an oversized or otherwise malformed DLC value that causes memory corruption. Because the attack can be initiated remotely over the network without any authentication or user interaction, it presents a significant risk. Exploitation may lead to a complete denial of service of the OVMS3 device or potentially allow full arbitrary code execution, posing risks to vehicle monitoring integrity and safety-adjacent functionality. The CVSS v3.1 score of 8.6 (HIGH) reflects impacts to confidentiality, integrity, and availability.
Remediation
- Users of OVMS3 version 3.3.005 should take the following steps to remediate or mitigate this vulnerability. First, monitor the official OVMS project repository for a patched release and upgrade to the latest available version as soon as a fix is published. In the interim, network-level controls should be applied to restrict access to the OVMS3 device, ensuring that only trusted hosts can communicate with the system and reducing the attack surface for remote exploitation. Firewall rules or network segmentation should be used to prevent untrusted external parties from sending CANswitch frames to the device. Additionally, operators should monitor device logs for anomalous behavior or unexpected resets that may indicate exploitation attempts.
References
- - [NVD Entry for CVE-2026-42469](https://nvd.nist.gov/vuln/detail/CVE-2026-42469)
- - [Researcher PoC/Gist – sgInnora](https://gist.github.com/sgInnora/f4ac66faeefe07a653ceeb3f58cdc381)
- - [CWE-121: Stack-based Buffer Overflow](https://cwe.mitre.org/data/definitions/121.html)
- - [Open Vehicle Monitoring System 3 (OVMS3) Project](https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3)
Industries Affected
Below is a list of industries most commonly impacted or potentially at risk based on intelligence.
