FatFs Bugs Enable Physical Access Attacks on Numerous Devices

First seen 3 Jul 2026, 13:32 UTC. Source: Risky.Biz (News.Risky.Biz)

Seven unpatched vulnerabilities in the FatFs filesystem driver, discovered by runZero, allow attackers to trigger memory corruption with crafted filesystem images. Exploitation requires physical access to the device, or can occur in certain OTA scenarios. All devices that use FatFs, which is common in industrial equipment and smart devices, are affected. No patches are currently available. The vulnerabilities are linked to CVE-2026-8451 and CVE-2026-45659. Because FatFs is integrated into many embedded devices, the potential impact is significant. The vulnerabilities were publicly disclosed on June 30, 2026, and a proof of concept (PoC) became available shortly thereafter. The lack of vendor response raises concerns about the timely deployment of necessary security measures.

Key Points:
• Seven unpatched vulnerabilities in the FatFs filesystem driver allow memory corruption attacks.
• All devices using FatFs are vulnerable, requiring physical access or specific OTA conditions for exploitation.
• No patches are currently available, raising significant security concerns for affected vendors.

ThreatCluster AI

Timeline

2026-05-22: CVE-2026-45659 published
A related vulnerability in FatFs was published and added to CISA KEV due to active exploitation.
Source: News.Risky.Biz

2026-06-30: CVE-2026-8451 published
runZero disclosed a vulnerability in the FatFs filesystem driver that allows memory corruption attacks.
Source: News.Risky.Biz

2026-07-01: First public PoC for CVE-2026-8451
Public proof of concept for exploiting the FatFs vulnerability was released, increasing urgency for affected vendors.
Source: News.Risky.Biz
