Lucene search

K
cvelistSilabsCVELIST:CVE-2022-24942
HistoryNov 02, 2022 - 9:04 p.m.

CVE-2022-24942 Heap-based buffer overflow in MicriumOS HTTP Server allows potential remote code execution

2022-11-0221:04:45
CWE-122
Silabs
www.cve.org

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

10 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.2%

Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Gecko Platform",
    "vendor": "silabs.com",
    "versions": [
      {
        "lessThan": "4.1.1.0",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

10 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.2%

Related for CVELIST:CVE-2022-24942