GHSA-p2cc-x7hq-6jvm
CANBoat versions through 6.22 contain an off-by-one global buffer overflow vulnerability in the searchForPgn() function within analyzer/pgn.c. This flaw allows remote attackers to crash the application by sending a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or N2K-over-IP, causing an out-of-bounds array access and denial of service.
AI Analysis
Technical Summary
An off-by-one global buffer overflow exists in CANBoat through version 6.22 within the searchForPgn() function located in analyzer/pgn.c. The vulnerability is triggered when a remote attacker delivers a specially crafted NMEA-2000 message containing an out-of-range Parameter Group Number (PGN) value over CAN bus or N2K-over-IP. This results in an out-of-bounds array access leading to a denial of service by crashing the application. The issue is fixed in a commit identified as a5a22b7. No known exploits are reported in the wild.
Potential Impact
Successful exploitation allows remote attackers to cause a denial of service by crashing the CANBoat application through an out-of-bounds array access. This disrupts normal operation but does not indicate code execution or data disclosure based on the provided information.
Mitigation Recommendations
A fix is available as the vulnerability was addressed in commit a5a22b7. Users should update CANBoat to the version including this commit to remediate the issue. No additional mitigation actions are specified.
GHSA-p2cc-x7hq-6jvm
Description
CANBoat versions through 6.22 contain an off-by-one global buffer overflow vulnerability in the searchForPgn() function within analyzer/pgn.c. This flaw allows remote attackers to crash the application by sending a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or N2K-over-IP, causing an out-of-bounds array access and denial of service.
CVSS v4.0
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
An off-by-one global buffer overflow exists in CANBoat through version 6.22 within the searchForPgn() function located in analyzer/pgn.c. The vulnerability is triggered when a remote attacker delivers a specially crafted NMEA-2000 message containing an out-of-range Parameter Group Number (PGN) value over CAN bus or N2K-over-IP. This results in an out-of-bounds array access leading to a denial of service by crashing the application. The issue is fixed in a commit identified as a5a22b7. No known exploits are reported in the wild.
Potential Impact
Successful exploitation allows remote attackers to cause a denial of service by crashing the CANBoat application through an out-of-bounds array access. This disrupts normal operation but does not indicate code execution or data disclosure based on the provided information.
Mitigation Recommendations
A fix is available as the vulnerability was addressed in commit a5a22b7. Users should update CANBoat to the version including this commit to remediate the issue. No additional mitigation actions are specified.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- GHSA-p2cc-x7hq-6jvm
- Osv Schema Version
- 1.4.0
- Aliases
- ["CVE-2026-56790"]
- Ecosystems
- []
- Database Specific Severity
- HIGH
- Cvss Version
- 4.0
Threat ID: 6a3ef7ea27e9c79719032f07
Added to database: 06/26/2026, 22:06:34 UTC
Last enriched: 06/26/2026, 22:47:38 UTC
Last updated: 06/26/2026, 23:51:21 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.