
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Oct 2023 — Azure RTOS GUIX Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36418 • CWE-415: Double Free •

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

09 Nov 2022 — Azure RTOS GUIX Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41051 •

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

08 Nov 2022 — Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer underflows and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function, an attempt to recover the previous failed write operation is made by calling `_fx_fault_tolerant_apply_logs`. This fun... • https://github.com/azure-rtos/filex/blob/master/common/src/fx_fault_tolerant_apply_logs.c#L218 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-190: Integer Overflow or Wraparound • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 1

04 Nov 2022 — Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function prevents buffer overflow during handling of DFU UPLOAD command when ... • https://github.com/azure-rtos/usbx/security/advisories/GHSA-m9p8-xrp7-vvqp • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0

13 Oct 2022 — Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in [_ux_host_class_pima_read](https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_pima_read.c), there is data length from device response, returned in the very first packet, and read by [L165 code](https://github.com/azure-rtos/usbx/blob/082fd9db09a3669eca3358f10b8837a5c1635c0b/common/usbx_host_classes/src/ux_host_cla... • https://github.com/azure-rtos/usbx/releases/tag/v6.1.12_rel • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 10.0 • EPSS: 2% • CPEs: 1 • EXPL: 2

10 Oct 2022 — Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. The Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in the `_ux_host_class_cdc_ecm_mac_address_get` function which may be potentially exploited to achieve remote code execution or denial of service. Setting the MAC address string descriptor length to `0` or `1` allows an ... • https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_cdc_ecm_mac_address_get.c#L264 • CWE-121: Stack-based Buffer Overflow • CWE-191: Integer Underflow (Wrap or Wraparound) • CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 9.8 • EPSS: 2% • CPEs: 1 • EXPL: 0

24 May 2022 — Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. Prior to version 6.1.11, the USBX DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of the `ux_device_class_dfu_control_request` function does not assure that a buffer overflow will not occur during handling of the DFU UPLOAD command. When an attacker issu... • https://github.com/azure-rtos/usbx/blob/master/common/usbx_device_classes/src/ux_device_class_dfu_control_request.c • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

24 May 2022 — Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack. In versions prior to 6.1.10, an attacker can cause a buffer overflow by providing the Azure RTOS USBX host stack a HUB descriptor with `bNbPorts` set to a value greater than `UX_MAX_TT` which defaults to 8. For a `bNbPorts` value of 255, the implementation of `ux_host_class_hub_descriptor_get` function will modify the contents of `hub` -> `ux_host_class_hub_device` -> `ux_device_hub_tt` array violating the end boundary by 255 - `UX_M... • https://github.com/azure-rtos/usbx/releases/tag/v6.1.10_rel • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 4.6 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Nov 2021 — Azure RTOS Information Disclosure Vulnerability. This CVE ID is different from CVE-2021-26444, CVE-2021-42323 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42301 •