CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-27502 – Texas Instruments TI-RTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27502
21 Nov 2023 — Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. Texas Instruments TI-RTOS, cuando se configura para usar el heap HeapMem (predeterminado), malloc devuelve un puntero válido a un búfer pequeño en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de entero... • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-22636 – Texas Instruments TI-RTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-22636
20 Nov 2023 — Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. Texas Instruments TI-RTOS, cuando se configura para usar el heap HeapMem (predeterminado), malloc devuelve un puntero válido a un búfer pequeño en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de entero... • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-27429 – Texas Instruments TI-RTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27429
20 Nov 2023 — Texas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values. This can trigger an integer overflow vulnerability in 'HeapTrack_alloc' and result in code execution. Texas Instruments TI-RTOS devuelve un puntero válido a un búfer pequeño en valores extremadamente grandes. Esto puede desencadenar una vulnerabilidad de desbordamiento de enteros en 'HeapTrack_alloc' y provocar la ejecución de código. • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 1CVE-2020-16630
https://notcve.org/view.php?id=CVE-2020-16630
20 Sep 2021 — TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairing to pair with a victim BLE device based on TI chips and generate an authenticated-and-MITM-protection LTK. If a fake mobile with the victim mobile’s MAC address uses Just Works and pairs with the victim device, the... • http://software-dl.ti.com/simplelink/esd/simplelink_cc13x2_26x2_sdk/3.20.00.68/exports/changelog.html • CWE-863: Incorrect Authorization •