CVE-2023-48692

Name of the Vulnerable Software and Affected Versions Azure RTOS NetX Duo versions 6.2.1 and below

Description The issue is related to a memory overflow vulnerability in the Azure RTOS NetX Duo TCP/IP network stack, which can be exploited by an attacker to achieve remote code execution. The affected components include processes related to icmp, tcp, snmp, dhcp, nat, and ftp.

Recommendations For Azure RTOS NetX Duo versions 6.2.1 and below, upgrade to NetX Duo release 6.3.0 to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable components, such as disabling the icmp, tcp, snmp, dhcp, nat, and ftp functions until the upgrade is applied. Note that there are no known workarounds for this vulnerability apart from upgrading to the fixed release.