CVE-2023-48693

Name of the Vulnerable Software and Affected Versions Azure RTOS ThreadX versions prior to 6.3.0

Description Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to a vulnerability in the parameter checking mechanism in Azure RTOS ThreadX, which may lead to privilege escalation.

Recommendations For Azure RTOS ThreadX versions prior to 6.3.0, upgrade to ThreadX release 6.3.0 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable parameter checking mechanism until a patch is available. Avoid using the vulnerable components in Azure RTOS ThreadX until the issue is resolved.