CVE-2026-42467: n/a
A denial of service vulnerability exists in the Open-SAE-J1939 software component within the function SAE_J1939_Read_Binary_Data_Transfer_DM16. This issue can be triggered by sending a specially crafted CAN frame on the J1939 bus. The vulnerability was identified as of November 30, 2025, and publicly disclosed in May 2026. No patch or official remediation guidance has been provided yet. There is no evidence of exploitation in the wild at this time.
AI Analysis
Technical Summary
CVE-2026-42467 describes a denial of service vulnerability in Open-SAE-J1939, specifically in the SAE_J1939_Read_Binary_Data_Transfer_DM16 function. The flaw allows an attacker to disrupt normal operation by sending a crafted CAN frame on the J1939 bus, causing the software to fail or become unresponsive. The vulnerability was introduced or identified as of commit b6caf884df46435e539b1ecbf92b6c29b345bdfe dated 2025-11-30. No CVSS score or detailed exploit information is available, and no patch or remediation level has been published.
Potential Impact
Successful exploitation results in denial of service, potentially disrupting communication on the J1939 bus where Open-SAE-J1939 is deployed. This could affect systems relying on this protocol for vehicle or industrial control communications. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should monitor vendor channels for updates and consider limiting exposure of the affected system to untrusted CAN bus traffic if feasible.
CVE-2026-42467: n/a
Description
A denial of service vulnerability exists in the Open-SAE-J1939 software component within the function SAE_J1939_Read_Binary_Data_Transfer_DM16. This issue can be triggered by sending a specially crafted CAN frame on the J1939 bus. The vulnerability was identified as of November 30, 2025, and publicly disclosed in May 2026. No patch or official remediation guidance has been provided yet. There is no evidence of exploitation in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-42467 describes a denial of service vulnerability in Open-SAE-J1939, specifically in the SAE_J1939_Read_Binary_Data_Transfer_DM16 function. The flaw allows an attacker to disrupt normal operation by sending a crafted CAN frame on the J1939 bus, causing the software to fail or become unresponsive. The vulnerability was introduced or identified as of commit b6caf884df46435e539b1ecbf92b6c29b345bdfe dated 2025-11-30. No CVSS score or detailed exploit information is available, and no patch or remediation level has been published.
Potential Impact
Successful exploitation results in denial of service, potentially disrupting communication on the J1939 bus where Open-SAE-J1939 is deployed. This could affect systems relying on this protocol for vehicle or industrial control communications. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users should monitor vendor channels for updates and consider limiting exposure of the affected system to untrusted CAN bus traffic if feasible.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-04-27T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69f4dd91cbff5d861017cf44
Added to database: 5/1/2026, 5:06:25 PM
Last enriched: 5/1/2026, 5:22:08 PM
Last updated: 5/1/2026, 6:21:58 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.