PT-2023-30777 · Microsoft · Azure Rtos Netx Duo

Rkolandaivel

Publicado

2023-12-04

Atualizado

2023-12-08

CVE-2023-48315

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Azure RTOS NetX Duo versions prior to 6.3.0

Description The issue affects Azure RTOS NetX Duo, a TCP/IP network stack for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities. The affected components include processes related to ftp and sntp.

Recommendations For Azure RTOS NetX Duo versions prior to 6.3.0, upgrade to NetX Duo release 6.3.0 to resolve the issue. As a temporary workaround, consider disabling the ftp and sntp functions until a patch is available.

Exploit

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-825

Identificadores relacionados

CVE-2023-48315

GHSA-RJ6H-JJG2-7GF3

Produtos afetados

Azure Rtos Netx Duo

PT-2023-30777 · Microsoft · Azure Rtos Netx Duo

CVE-2023-48315

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6