CVE-2023-48315

Name of the Vulnerable Software and Affected Versions Azure RTOS NetX Duo versions prior to 6.3.0

Description The issue affects Azure RTOS NetX Duo, a TCP/IP network stack for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities. The affected components include processes related to ftp and sntp.

Recommendations For Azure RTOS NetX Duo versions prior to 6.3.0, upgrade to NetX Duo release 6.3.0 to resolve the issue. As a temporary workaround, consider disabling the ftp and sntp functions until a patch is available.