Vulnerabilities ›

CVE-2026-48685

Medium

CWE-130 — Weakness Type

                    Published: May 26, 2026                      ·  Modified: May 29, 2026                      ·  Source: NVD                

CVSS v3

6.5

🔗 NVD Official

📄 Description (English)

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp_protocol.hpp, the parse_raw_bgp_attribute() function correctly identifies when extended_length_bit is set and sets length_of_length_field to 2, but then reads only a single byte for the attribute value length (attribute_value_length = value[2] at line 173). Per RFC 4271 Section 4.3, when the Extended Length bit is set, the Attribute Length field is two octets and the value should be read as a 16-bit big-endian integer from value[2] and value[3]. As a result, any attribute longer than 255 bytes has its length silently truncated to the low byte (e.g., 300 bytes = 0x012C is read as 0x2C = 44 bytes). The remaining 256 bytes are then misinterpreted as subsequent attributes, causing cascading parse failures and potential out-of-bounds memory access.

🤖 AI Executive Summary

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds memory access vulnerability in BGP path attribute parsing where extended length flags are incorrectly handled, reading only one byte instead of two for attribute lengths. This causes attributes longer than 255 bytes to be truncated, leading to memory corruption and potential denial of service.

📄 Description (Arabic)

يحتوي FastNetMon Community Edition على خلل في دالة parse_raw_bgp_attribute() حيث يتم قراءة بايت واحد فقط بدلاً من بايتين عند تعيين علم الطول الممتد. يؤدي هذا إلى اقتطاع الخصائص الأطول من 255 بايت وسوء تفسير البيانات المتبقية كخصائص لاحقة.

🤖 ملخص تنفيذي (AI)

🤖 AI Intelligence Analysis Analyzed: May 27, 2026 17:45

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

telecom energy government

🎯 MITRE ATT&CK Techniques

T1499.004 T1203

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Update FastNetMon Community Edition to version 1.3.0 or later. Implement input validation for BGP path attributes with extended length flags. Apply RFC 4271 compliant parsing logic that correctly reads 16-bit big-endian integers for extended length attribute values. Monitor BGP traffic for malformed attributes and implement rate limiting on BGP updates.

🔧 خطوات المعالجة (العربية)

قم بتحديث FastNetMon Community Edition إلى الإصدار 1.3.0 أو أحدث. قم بتنفيذ التحقق من صحة المدخلات لخصائص مسار BGP مع أعلام الطول الممتد. طبق منطق المعالجة المتوافق مع RFC 4271 الذي يقرأ بشكل صحيح أعداد صحيحة بطول 16 بت بترتيب البايت الكبير. راقب حركة BGP للبحث عن خصائص مشوهة وقم بتنفيذ تحديد معدل على تحديثات BGP.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.13.1.1 A.14.2.1

🔵 SAMA CSF

ID.BE-5 PR.DS-1

🟡 ISO 27001:2022

A.12.6.1 A.14.2.1

🔗 References & Sources 3

🔗

https://github.com/pavel-odintsov/fastnetmon

cve@mitre.org

Product

🔗

https://github.com/pavel-odintsov/fastnetmon/blob/master/src/bgp_protocol.hpp

cve@mitre.org

Product

🔗

https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48685-bgp-extended-length

cve@mitre.org

Third Party Advisory

📦 Affected Products / CPE 1 entries

pavel-odintsov:fastnetmon

📊 CVSS Score

6.5

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityN — None / Network

IntegrityN — None / Network

AvailabilityH — High

📋 Quick Facts

Severity Medium

CVSS Score6.5

CWECWE-130

EPSS0.04%

Exploit No

Patch ✗ No

Published 2026-05-26

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-130

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-48685

Introduce Yourself

Sign In Required