// For flags

CVE-2021-43997

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.

Las versiones de FreeRTOS versiones10.2.0 hasta la 10.4.5 no evitan que el código que no es del núcleo llame a la función interna xPortRaisePrivilege para elevar el privilegio. Las versiones de FreeRTOS hasta la 10.4.6 no impiden que un tercero que ya haya obtenido de forma independiente la capacidad de ejecutar código inyectado consiga una mayor elevación de privilegios bifurcándose directamente dentro de una función envolvente de la API de FreeRTOS MPU con un marco de pila manipulado manualmente. Estos problemas afectan a los puertos ARMv7-M MPU, y a los puertos ARMv8-M con soporte MPU habilitado (es decir, configENABLE_MPU establecido en 1). Estos problemas se han solucionado en V10.5.0 y en V10.4.3-LTS Parche 3.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-11-17 CVE Reserved
  • 2021-11-17 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Amazon
Search vendor "Amazon"
Freertos
Search vendor "Amazon" for product "Freertos"
>= 10.2.0 < 10.4.6
Search vendor "Amazon" for product "Freertos" and version " >= 10.2.0 < 10.4.6"
-
Affected
Amazon
Search vendor "Amazon"
Freertos
Search vendor "Amazon" for product "Freertos"
10.4.3
Search vendor "Amazon" for product "Freertos" and version "10.4.3"
patch1, lts
Affected