Platform
c
Component
bacnet-stack
Opgelost in
1.5.1
CVE-2026-21878 describes an arbitrary file write vulnerability discovered in the BACnet Stack, an open-source C library for embedded systems. This flaw allows attackers to write files to arbitrary locations on the system, potentially leading to code execution and system compromise. The vulnerability impacts versions of BACnet Stack up to and including 1.5.0.rc3 and has been resolved in version 1.5.0.rc3.
The primary impact of CVE-2026-21878 is the ability for an attacker to write arbitrary files to the system. This can be exploited to overwrite critical system files, inject malicious code, or gain persistent access. Successful exploitation could lead to complete system compromise, data exfiltration, and denial of service. The vulnerability resides in the file writing functionality within apps/readfile/main.c and ports/posix/bacfile-posix.c, highlighting the importance of secure file handling practices in embedded systems. While no direct precedent is immediately obvious, the potential for arbitrary file writes shares similarities with other privilege escalation vulnerabilities where attackers leverage file system access to gain higher privileges.
CVE-2026-21878 was publicly disclosed on 2026-02-13. The vulnerability is not currently listed on the CISA KEV catalog. No public proof-of-concept (PoC) code has been identified at the time of writing, but the ease of exploitation inherent in arbitrary file write vulnerabilities suggests a potential for rapid PoC development and exploitation. The EPSS score is pending evaluation.
Systems utilizing BACnet Stack in embedded devices, particularly those with limited security controls or exposed file systems, are at risk. This includes industrial control systems (ICS), building automation systems, and other IoT deployments relying on BACnet communication. Legacy systems running older versions of BACnet Stack are particularly vulnerable.
• linux / server:
find / -type f -name '*bacnet*' -mtime -7 -ls• linux / server:
journalctl -f | grep -i "bacnet"• generic web:
curl -I http://your-bacnet-system/ | grep -i "Content-Type"disclosure
Exploit Status
EPSS
0.06% (17% percentiel)
CISA SSVC
CVSS-vector
The primary mitigation for CVE-2026-21878 is to upgrade to BACnet Stack version 1.5.0.rc3 or later, which includes the necessary file path validation fix. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) or proxy to filter out malicious file path requests. Additionally, restrict file system permissions to the minimum necessary for the BACnet Stack application. Monitor system logs for unusual file creation or modification activity, particularly in sensitive directories. There are no specific Sigma or YARA rules readily available for this vulnerability, but creating custom rules based on file path patterns and unusual file creation events is recommended.
Actualice la biblioteca BACnet Stack a la versión 1.5.0.rc3 o superior. Esta versión corrige la vulnerabilidad de recorrido de directorios que permite la escritura de archivos en ubicaciones arbitrarias. La actualización evitará que atacantes exploten esta vulnerabilidad.
Kwetsbaarheidsanalyses en kritieke waarschuwingen direct in uw inbox.
CVE-2026-21878 is a HIGH severity vulnerability affecting BACnet Stack versions up to 1.5.0.rc3. It allows attackers to write files to arbitrary locations, potentially leading to system compromise.
You are affected if you are using BACnet Stack version 1.5.0.rc3 or earlier. Check your version and upgrade immediately.
Upgrade to BACnet Stack version 1.5.0.rc3 or later. If immediate upgrade is not possible, implement WAF rules and restrict file system permissions.
No active exploitation has been confirmed at this time, but the vulnerability's nature suggests a potential for rapid exploitation.
Refer to the BACnet Stack project's official website or repository for the latest security advisories and updates.
Upload je dependency-bestand en kom direct te weten of deze en andere CVEs jou raken.