MQTT vulnerability?

I ran across an article, while searching for MQTT and Losant, that I would like your comment on.
Looks like it’s from last year, so I’m curious to if this is even an issue.
Or is it more related to the code running on the embedded device ?
See page 17 in the following document.

See

Lars,

I just reviewed the document. This was indeed an issue with the client. In the review, it mentions “A fix has since been reviewed and adjusted.”, and links to the fix.

Thanks for bringing this up!