Vulnerabilites related to amazon - freertos
CVE-2021-31571 (GCVE-0-2021-31571)
Vulnerability from cvelistv5
Published
2021-04-22 17:56
Modified
2024-08-03 23:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-03T21:11:47",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31571",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837",
"refsource": "MISC",
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31571",
"datePublished": "2021-04-22T17:56:24",
"dateReserved": "2021-04-22T00:00:00",
"dateUpdated": "2024-08-03T23:03:33.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16524 (GCVE-0-2018-16524)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16524",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16524",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-05T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16526 (GCVE-0-2018-16526)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16526",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16526",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-05T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16600 (GCVE-0-2018-16600)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16600",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-06T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5688 (GCVE-0-2025-5688)
Vulnerability from cvelistv5
Published
2025-06-04 17:09
Modified
2025-06-04 18:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.
Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes.
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5688",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T18:12:03.678492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T18:18:46.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/FreeRTOS/FreeRTOS-Plus-TCP",
"defaultStatus": "unaffected",
"packageName": "FreeRTOS-Plus-TCP",
"product": "FreeRTOS",
"vendor": "Amazon",
"versions": [
{
"lessThan": "4.3.2",
"status": "affected",
"version": "2.3.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eWe have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.\u003c/p\u003e\u003cp\u003e\u003cbr\u003eUsers should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes. \u003c/p\u003e\u003cbr\u003e"
}
],
"value": "We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled.\n\n\nUsers should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100: Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T17:09:54.718Z",
"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"shortName": "AMZN"
},
"references": [
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-012/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out of Bounds Write in FreeRTOS-Plus-TCP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"assignerShortName": "AMZN",
"cveId": "CVE-2025-5688",
"datePublished": "2025-06-04T17:09:54.718Z",
"dateReserved": "2025-06-04T15:11:43.065Z",
"dateUpdated": "2025-06-04T18:18:46.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16601 (GCVE-0-2018-16601)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16601",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-06T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16603 (GCVE-0-2018-16603)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:32:52.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16603",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-06T00:00:00",
"dateUpdated": "2024-08-05T10:32:52.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16527 (GCVE-0-2018-16527)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16527",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16527",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-05T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31572 (GCVE-0-2021-31572)
Vulnerability from cvelistv5
Published
2021-04-22 17:56
Modified
2024-08-03 23:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-03T21:12:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-31572",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b",
"refsource": "MISC",
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31572",
"datePublished": "2021-04-22T17:56:35",
"dateReserved": "2021-04-22T00:00:00",
"dateUpdated": "2024-08-03T23:03:33.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16598 (GCVE-0-2018-16598)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16598",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-06T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32020 (GCVE-0-2021-32020)
Vulnerability from cvelistv5
Published
2021-05-03 21:12
Modified
2024-08-03 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:28.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-03T21:12:44",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-32020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63",
"refsource": "MISC",
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-32020",
"datePublished": "2021-05-03T21:12:44",
"dateReserved": "2021-05-03T00:00:00",
"dateUpdated": "2024-08-03T23:17:28.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28115 (GCVE-0-2024-28115)
Vulnerability from cvelistv5
Published
2024-03-07 20:54
Modified
2024-08-28 17:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FreeRTOS | FreeRTOS-Kernel |
Version: < 10.6.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:48:49.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r"
},
{
"name": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:freertos:freertos-kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "freertos-kernel",
"vendor": "freertos",
"versions": [
{
"lessThan": "10.6.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28115",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-08T19:12:30.872230Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:42:09.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FreeRTOS-Kernel",
"vendor": "FreeRTOS",
"versions": [
{
"status": "affected",
"version": "\u003c 10.6.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T20:54:00.743Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r"
},
{
"name": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2"
}
],
"source": {
"advisory": "GHSA-xcv7-v92w-gq6r",
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-28115",
"datePublished": "2024-03-07T20:54:00.743Z",
"dateReserved": "2024-03-04T14:19:14.059Z",
"dateUpdated": "2024-08-28T17:42:09.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16599 (GCVE-0-2018-16599)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:33.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16599",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16599",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-06T00:00:00",
"dateUpdated": "2024-08-05T10:24:33.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27504 (GCVE-0-2021-27504)
Vulnerability from cvelistv5
Published
2023-11-21 17:43
Modified
2024-08-03 21:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-190 - Integer Overflow or Wraparound
Summary
Texas Instruments devices running FREERTOS, malloc returns a valid
pointer to a small buffer on extremely large values, which can trigger
an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in
code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Texas Instruments | CC32XX |
Version: 0 < 4.40.00.07 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:26:09.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.ti.com/tool/TI-RTOS-MCU"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CC32XX",
"vendor": "Texas Instruments",
"versions": [
{
"lessThan": "4.40.00.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SimpleLink MSP432E4XX",
"vendor": "Texas Instruments",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SimpleLink-CC13XX",
"vendor": "Texas Instruments",
"versions": [
{
"lessThan": "4.40.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SimpleLink-CC26XX",
"vendor": "Texas Instruments",
"versions": [
{
"lessThan": "4.40.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SimpleLink-CC32XX",
"vendor": "Texas Instruments",
"versions": [
{
"lessThan": "4.10.03",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\nTexas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in \u0027malloc\u0027 for FreeRTOS, resulting in\n code execution.\n\n \n\n \u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "Texas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in \u0027malloc\u0027 for FreeRTOS, resulting in\n code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-21T17:43:12.120Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04"
},
{
"url": "https://www.ti.com/tool/TI-RTOS-MCU"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eTexas Instruments CC32XX \u2013 Update to v4.40.00.07\u003c/div\u003e\u003cdiv\u003eTexas Instruments SimpleLink CC13X0 \u2013 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\"\u003eUpdate to v4.10.03\u003c/a\u003e\u003c/div\u003e\u003cdiv\u003eTexas Instruments SimpleLink CC13X2-CC26X2 \u2013 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\"\u003eUpdate to v4.40.00\u003c/a\u003e\u003c/div\u003e\u003cdiv\u003eTexas Instruments SimpleLink CC2640R2 \u2013 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\"\u003eUpdate to v4.40.00\u003c/a\u003e\u003c/div\u003e\u003cdiv\u003eTexas Instruments SimpleLink MSP432E4 \u2013 Confirmed. No update currently planned\u003c/div\u003e\n\n\u003cbr\u003e"
}
],
"value": "Texas Instruments CC32XX \u2013 Update to v4.40.00.07\n\nTexas Instruments SimpleLink CC13X0 \u2013 Update to v4.10.03 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC13X2-CC26X2 \u2013 Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC2640R2 \u2013 Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink MSP432E4 \u2013 Confirmed. No update currently planned"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Texas Instruments FREERTOS Integer Overflow or Wraparound",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27504",
"datePublished": "2023-11-21T17:43:12.120Z",
"dateReserved": "2021-02-19T17:45:42.346Z",
"dateUpdated": "2024-08-03T21:26:09.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16525 (GCVE-0-2018-16525)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\\LLMNR packets in prvParseDNSReply."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16525",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\\LLMNR packets in prvParseDNSReply."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16525",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-05T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43997 (GCVE-0-2021-43997)
Vulnerability from cvelistv5
Published
2021-11-17 00:00
Modified
2024-08-04 04:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:10:16.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2"
},
{
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6"
},
{
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0"
},
{
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-43997",
"datePublished": "2021-11-17T00:00:00",
"dateReserved": "2021-11-17T00:00:00",
"dateUpdated": "2024-08-04T04:10:16.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16523 (GCVE-0-2018-16523)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:24:32.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16523",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16523",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-05T00:00:00",
"dateUpdated": "2024-08-05T10:24:32.701Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16602 (GCVE-0-2018-16602)
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:32:52.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-06T22:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/",
"refsource": "MISC",
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-16602",
"datePublished": "2018-12-06T23:00:00",
"dateReserved": "2018-09-06T00:00:00",
"dateUpdated": "2024-08-05T10:32:52.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-05-03 22:15
Modified
2024-11-21 06:06
Severity ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63 | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5312AF-71BB-4289-BAB4-CE5931098CCD",
"versionEndExcluding": "10.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory."
},
{
"lang": "es",
"value": "El kernel en Amazon Web Services FreeRTOS versiones anteriores a 10.4.3, presenta una comprobaci\u00f3n insuficiente de l\u00edmites durante la administraci\u00f3n de la memoria de la pila"
}
],
"id": "CVE-2021-32020",
"lastModified": "2024-11-21T06:06:43.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-03T22:15:08.697",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-22 18:15
Modified
2024-11-21 06:05
Severity ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837 | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5312AF-71BB-4289-BAB4-CE5931098CCD",
"versionEndExcluding": "10.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation."
},
{
"lang": "es",
"value": "El kernel en Amazon Web Services FreeRTOS versiones anteriores a 10.4.3, presenta un desbordamiento de enteros en el archivo queue.c para una creaci\u00f3n de cola"
}
],
"id": "CVE-2021-31571",
"lastModified": "2024-11-21T06:05:55.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-22T18:15:08.520",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-22 18:15
Modified
2024-11-21 06:05
Severity ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5312AF-71BB-4289-BAB4-CE5931098CCD",
"versionEndExcluding": "10.4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer."
},
{
"lang": "es",
"value": "El kernel en Amazon Web Services FreeRTOS versiones anteriores a 10.4.3, presenta un desbordamiento de enteros en el archivo stream_buffer.c para un b\u00fafer de flujo"
}
],
"id": "CVE-2021-31572",
"lastModified": "2024-11-21T06:05:55.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-22T18:15:08.547",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions."
},
{
"lang": "es",
"value": "Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la divulgaci\u00f3n de informaci\u00f3n durante el an\u00e1lisis de opciones TCP en prvCheckOptions."
}
],
"id": "CVE-2018-16524",
"lastModified": "2024-11-21T03:52:54.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.423",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de l\u00edmites a la memoria durante el an\u00e1lisis de paquetes NBNS en prvTreatNBNS se puede emplear para divulgar informaci\u00f3n."
}
],
"id": "CVE-2018-16599",
"lastModified": "2024-11-21T03:53:01.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.893",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket."
},
{
"lang": "es",
"value": "Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la divulgaci\u00f3n de informaci\u00f3n durante el an\u00e1lisis de los paquetes ICMP en prvProcessICMPPacket."
}
],
"id": "CVE-2018-16527",
"lastModified": "2024-11-21T03:52:55.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions."
},
{
"lang": "es",
"value": "Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la divisi\u00f3n entre cero en prvCheckOptions."
}
],
"id": "CVE-2018-16523",
"lastModified": "2024-11-21T03:52:54.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-369"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-21 18:15
Modified
2024-11-21 05:58
Severity ?
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Texas Instruments devices running FREERTOS, malloc returns a valid
pointer to a small buffer on extremely large values, which can trigger
an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in
code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.ti.com/tool/TI-RTOS-MCU | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ti.com/tool/TI-RTOS-MCU | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | freertos | 10.4.1 | |
| ti | simplelink_cc13xx_software_development_kit | * | |
| ti | simplelink_cc26xx_software_development_kit | * | |
| ti | simplelink_cc32xx_software_development_kit | * | |
| ti | simplelink_msp432e401y | - | |
| ti | simplelink_msp432e411y | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amazon:freertos:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F471FD19-638D-46A4-A68D-C4BDA7FA26EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ti:simplelink_cc13xx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B4CA27-1024-4347-8C0B-A8848950CB5B",
"versionEndExcluding": "4.40.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ti:simplelink_cc26xx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC0C102-7DCB-4959-91C6-ECA8429BB1A2",
"versionEndExcluding": "4.40.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ti:simplelink_cc32xx_software_development_kit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61CF4AB1-347E-42F9-89FB-350445ED7E70",
"versionEndExcluding": "4.10.03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ti:simplelink_msp432e401y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "538BC9EE-7C51-41CC-9A58-5FEB3261EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ti:simplelink_msp432e411y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7C493D-DAC1-4FBD-A056-C9D5CF98F9E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Texas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in \u0027malloc\u0027 for FreeRTOS, resulting in\n code execution."
},
{
"lang": "es",
"value": "En los dispositivos de Texas Instruments que ejecutan FREERTOS, malloc devuelve un puntero v\u00e1lido a un peque\u00f1o b\u00fafer en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de enteros en \u0027malloc\u0027 para FreeRTOS, lo que resulta en la ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2021-27504",
"lastModified": "2024-11-21T05:58:07.470",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9,
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-21T18:15:07.713",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Product"
],
"url": "https://www.ti.com/tool/TI-RTOS-MCU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://www.ti.com/tool/TI-RTOS-MCU"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket."
},
{
"lang": "es",
"value": "Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten que atacantes remotos filtren informaci\u00f3n o ejecuten c\u00f3digo arbitrario debido a un desbordamiento de b\u00fafer durante la generaci\u00f3n de una suma de verificaci\u00f3n del protocolo en usGenerateProtocolChecksum y prvProcessIPPacket."
}
],
"id": "CVE-2018-16526",
"lastModified": "2024-11-21T03:52:55.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.580",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\\LLMNR packets in prvParseDNSReply."
},
{
"lang": "es",
"value": "Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten que atacantes remotos ejecuten c\u00f3digo arbitrario o filtren informaci\u00f3n debido a un desbordamiento de b\u00fafer durante el an\u00e1lisis de los paquetes DNS\\LLMNR en prvParseDNSReply."
}
],
"id": "CVE-2018-16525",
"lastModified": "2024-11-21T03:52:54.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.503",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de l\u00edmites a la memoria durante el an\u00e1lisis de paquetes ARP en eARPProcessPacket se puede emplear para divulgar informaci\u00f3n."
}
],
"id": "CVE-2018-16600",
"lastModified": "2024-11-21T03:53:02.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.957",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. Una cabecera IP manipulada desencadena la copia de un espacio de memoria completo en prvProcessIPPacket, lo que conduce a una denegaci\u00f3n de servicio (DoS) y a la posible ejecuci\u00f3n de c\u00f3digo"
}
],
"id": "CVE-2018-16601",
"lastModified": "2024-11-21T03:53:02.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:01.033",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de l\u00edmites a la memoria durante el an\u00e1lisis de respuestas DHCP en prvProcessDHCPReplies se puede emplear para divulgar informaci\u00f3n."
}
],
"id": "CVE-2018-16602",
"lastModified": "2024-11-21T03:53:02.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:01.127",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-07 21:15
Modified
2024-11-21 09:05
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2 | Release Notes | |
| security-advisories@github.com | https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r | Technical Description, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2 | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r | Technical Description, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA95DB2-A48A-46A8-B589-F17236ECB4AC",
"versionEndExcluding": "10.6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper. "
},
{
"lang": "es",
"value": "FreeRTOS es un sistema operativo en tiempo real para microcontroladores. Las versiones del kernel de FreeRTOS hasta la 10.6.1 no protegen suficientemente contra la escalada de privilegios locales a trav\u00e9s de t\u00e9cnicas de programaci\u00f3n orientada al retorno en caso de que exista una vulnerabilidad que permita la inyecci\u00f3n y ejecuci\u00f3n de c\u00f3digo. Estos problemas afectan a los puertos MPU ARMv7-M y a los puertos ARMv8-M con soporte de unidad protegida de memoria (MPU) habilitado (es decir, `configENABLE_MPU` establecido en 1). Estos problemas se solucionan en la versi\u00f3n 10.6.2 con un nuevo contenedor MPU."
}
],
"id": "CVE-2024-28115",
"lastModified": "2024-11-21T09:05:50.867",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-07T21:15:08.567",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Technical Description",
"Vendor Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Vendor Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-17 21:15
Modified
2024-11-21 06:30
Severity ?
Summary
FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3 | ||
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:amazon:freertos:*:*:*:*:-:*:*:*",
"matchCriteriaId": "4FB285CB-30B9-4537-9AC8-7C0BF1643D05",
"versionEndExcluding": "10.4.6",
"versionStartIncluding": "10.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:amazon:freertos:10.4.3:patch1:*:*:lts:*:*:*",
"matchCriteriaId": "95529D7D-3DBE-4227-811F-BBE6F0281CFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3."
},
{
"lang": "es",
"value": "Las versiones de FreeRTOS versiones10.2.0 hasta la 10.4.5 no evitan que el c\u00f3digo que no es del n\u00facleo llame a la funci\u00f3n interna xPortRaisePrivilege para elevar el privilegio. Las versiones de FreeRTOS hasta la 10.4.6 no impiden que un tercero que ya haya obtenido de forma independiente la capacidad de ejecutar c\u00f3digo inyectado consiga una mayor elevaci\u00f3n de privilegios bifurc\u00e1ndose directamente dentro de una funci\u00f3n envolvente de la API de FreeRTOS MPU con un marco de pila manipulado manualmente. Estos problemas afectan a los puertos ARMv7-M MPU, y a los puertos ARMv8-M con soporte MPU habilitado (es decir, configENABLE_MPU establecido en 1). Estos problemas se han solucionado en V10.5.0 y en V10.4.3-LTS Parche 3."
}
],
"id": "CVE-2021-43997",
"lastModified": "2024-11-21T06:30:10.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-17T21:15:07.780",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de l\u00edmites a los campos de los puertos de origen y destino TCP en xProcessReceivedTCPPacket puede filtrar datos a un atacante."
}
],
"id": "CVE-2018-16603",
"lastModified": "2024-11-21T03:53:02.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:01.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1",
"versionEndIncluding": "1.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C",
"versionEndIncluding": "10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versi\u00f3n 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. En xProcessReceivedUDPPacket y prvParseDNSReply, se acepta cualquier respuesta DNS recibida sin confirmar que coincide con la petici\u00f3n DNS enviada."
}
],
"id": "CVE-2018-16598",
"lastModified": "2024-11-21T03:53:01.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-12-06T23:29:00.813",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-441"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}