CVE-2019-13120
https://notcve.org/view.php?id=CVE-2019-13120
Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT Thing, which interacts with an associated vulnerable MQTT message in the application, specific circumstances could trigger this vulnerability. Amazon FreeRTOS hasta la versión v1.4.8, incluido, carece de verificación de longitud en prvProcessReceivedPublish, dando como resultado una fuga no direccionable de contenido de memoria arbitraria en un dispositivo a un atacante. Si un atacante tiene la autorización para enviar un paquete de publicación MQTT con formato incorrecto a una cosa de Amazon IoT, que interactúa con un mensaje MQTT vulnerable asociado en la aplicación, circunstancias específicas podrían desencadenar esta vulnerabilidad. • https://aws.amazon.com/cn/freertos/security-updates • CWE-125: Out-of-bounds Read •
CVE-2018-16526
https://notcve.org/view.php?id=CVE-2018-16526
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket. Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten que atacantes remotos filtren información o ejecuten código arbitrario debido a un desbordamiento de búfer durante la generación de una suma de verificación del protocolo en usGenerateProtocolChecksum y prvProcessIPPacket. • https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md •
CVE-2018-16524
https://notcve.org/view.php?id=CVE-2018-16524
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions. Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la divulgación de información durante el análisis de opciones TCP en prvCheckOptions. • https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-16527
https://notcve.org/view.php?id=CVE-2018-16527
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket. Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la divulgación de información durante el análisis de los paquetes ICMP en prvProcessICMPPacket. • https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-16598
https://notcve.org/view.php?id=CVE-2018-16598
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request. Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. En xProcessReceivedUDPPacket y prvParseDNSReply, se acepta cualquier respuesta DNS recibida sin confirmar que coincide con la petición DNS enviada. • https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') •