CVE-2024-25390

8.4 HIGH

📋 TL;DR

A heap buffer overflow vulnerability in RT-Thread's command shell components allows attackers to execute arbitrary code or cause denial of service. This affects all systems running RT-Thread RTOS up to version 5.0.2, particularly embedded devices and IoT systems using this real-time operating system.

💻 Affected Systems

Products:
  • RT-Thread Real-Time Operating System
Versions: All versions through 5.0.2
Operating Systems: RT-Thread RTOS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the command shell components (finsh/msh), which are commonly enabled in RT-Thread deployments for debugging and management.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, device takeover, or persistent malware installation.

🟠 Likely Case

Denial of service causing system crashes or instability, potentially leading to device malfunction in critical systems.

🟢 If Mitigated

Limited impact if shell access is restricted or disabled, though buffer overflow could still be triggered through other vectors.

🌐 Internet-Facing: MEDIUM - Risk depends on whether vulnerable shell components are exposed to network interfaces.
🏢 Internal Only: HIGH - Embedded systems often have limited security controls, making exploitation easier once initial access is gained.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires access to the command shell interface. Public technical details and proof-of-concept information are available in security advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.0.3 and later

Vendor Advisory: https://github.com/RT-Thread/rt-thread/issues/8286

Restart Required: Yes

Instructions:

1. Update RT-Thread to version 5.0.3 or later.
2. Rebuild and redeploy the firmware/application.
3. Restart affected devices.

🔧 Temporary Workarounds

Disable vulnerable shell components

all

Disable finsh and msh command shell interfaces if not required for operation.

# In RT-Thread configuration, disable: RT_USING_FINSH and RT_USING_MSH

Restrict shell access

all

Implement access controls to limit who can access the command shell interface.

# Configure authentication and network access controls for shell interfaces

🧯 If You Can't Patch

  • Implement network segmentation to isolate RT-Thread devices from untrusted networks
  • Monitor for abnormal shell access attempts and buffer overflow patterns in system logs

🔍 How to Verify

Check if Vulnerable:

Check the RT-Thread version: if the version is 5.0.2 or earlier and the finsh/msh components are enabled, the system is vulnerable.

Check Version:

Check RT-Thread version in source code or via system information commands if shell is accessible.

Verify Fix Applied:

Verify RT-Thread version is 5.0.3 or later and confirm finsh/msh components have been updated.
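The check above can be run against a firmware source tree before rebuilding. The following is an added example, not code from the RT-Thread project or the advisory: it assumes the version macros are defined in the kernel header `rtdef.h` (`RT_VERSION_MAJOR`/`MINOR`/`PATCH` on 5.x, `RT_VERSION`/`RT_SUBVERSION`/`RT_REVISION` on older trees) and that the shell options appear in the generated `rtconfig.h`; the sample headers are constructed.

```python
import re

FIXED = (5, 0, 3)  # first fixed release per the advisory above
SHELL_MACROS = ("RT_USING_FINSH", "RT_USING_MSH")  # named in the workaround

def defines(header_text):
    """Map macro -> value for #define lines, ignoring commented-out ones."""
    text = re.sub(r"/\*.*?\*/", "", header_text, flags=re.S)
    text = re.sub(r"//[^\n]*", "", text)
    pat = r"^[ \t]*#[ \t]*define[ \t]+(\w+)[ \t]*(.*)$"
    return {m.group(1): m.group(2).strip() for m in re.finditer(pat, text, re.M)}

def rtthread_version(rtdef_text):
    """Return (major, minor, patch) or None. Macro names are an assumption:
    5.x names are tried first, then the older 4.x names."""
    d = defines(rtdef_text)
    for names in (("RT_VERSION_MAJOR", "RT_VERSION_MINOR", "RT_VERSION_PATCH"),
                  ("RT_VERSION", "RT_SUBVERSION", "RT_REVISION")):
        nums = [re.match(r"\(?(\d+)", d.get(n, "")) for n in names]
        if all(nums):
            return tuple(int(m.group(1)) for m in nums)
    return None

def assess(rtdef_text, rtconfig_text):
    """Apply the page's rule: version <= 5.0.2 and a shell macro enabled."""
    version = rtthread_version(rtdef_text)
    shells = [m for m in SHELL_MACROS if m in defines(rtconfig_text)]
    if version is None:
        status = "unknown"
    elif version >= FIXED:
        status = "fixed"
    else:
        status = "vulnerable" if shells else "old-version-shell-disabled"
    return {"version": version, "shell_macros": shells, "status": status}

# Constructed sample headers (not taken from a real build tree).
SAMPLE_RTDEF = """
#define RT_VERSION_MAJOR 5 /**< major */
#define RT_VERSION_MINOR 0
#define RT_VERSION_PATCH 2
"""
SAMPLE_RTCONFIG = """
#define RT_USING_FINSH
/* RT_USING_MSH is not set */
// #define RT_USING_MSH
"""

if __name__ == "__main__":
    print(assess(SAMPLE_RTDEF, SAMPLE_RTCONFIG))
```

An "unknown" result means the version macros were not found and the tree needs a manual check; it is not evidence that the build is fixed.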

📡 Detection & Monitoring

Log Indicators:

  • Unusual shell command patterns
  • System crashes or restarts after shell access
  • Buffer overflow error messages

Network Indicators:

  • Unexpected connections to shell ports (typically 23/tcp for telnet or custom ports)
  • Malformed data sent to shell interfaces

SIEM Query:

source="rt-thread" AND (event="buffer_overflow" OR event="segmentation_fault" OR cmd="*overflow*")
