Vulnerability Details: - Type: Stack-based buffer overflow - Location: RIOT OS ethos utility - Function: - Cause: Missing bounds checking when processing incoming serial frame data - Risk: Memory corruption, application crash, and potential arbitrary code execution Vulnerable Code: Root Cause: - is a fixed-size stack buffer - is unbounded - No validation against MTU (9000 bytes) Proof of Concept: - : Acts as a malicious server - Connects ethos to the exploit server on port 20000 - Sends a crafted payload causing a crash Exploitation: - Server listens on - Sends 9501 bytes payload, causing stack buffer overflow - Leads to an undefined behavior sanitizer error and crash Connection: - Command: - Crash message: