CVE-2025-34449

Published
View on NVD ↗
CVSS v3
9.1
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS

Description

Genymobile/scrcpy versions up to and including 3.3.3, prior to commit 3e40b24, contain a buffer overflow vulnerability in the sc_device_msg_deserialize() function. A compromised device can send crafted messages that cause out-of-bounds reads, which may result in memory corruption or a denial-of-service condition. This vulnerability may allow further exploitation on the host system.

marlinkcyber/advisories
marlinkcyber/advisories
Security advisories and vulnerabilities discovered by Marlink Cyber
GitHubGitHub
2
Genymobile/scrcpy
Genymobile/scrcpy
Display and control your Android device
GitHubGitHub
143K