Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2019-13120
HistoryOct 07, 2019 - 10:15 p.m.

Security feature bypass

2019-10-0722:15:00
PRIOn knowledge base
www.prio-n.com
3

0.002 Low

EPSS

Percentile

53.8%

JSON

Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT Thing, which interacts with an associated vulnerable MQTT message in the application, specific circumstances could trigger this vulnerability.

CPENameOperatorVersion
amazon_web_services_freertosle1.4.8

Related

cvelist 1
cve 1
osv 1
nvd 1
cvelist
cvelist
CVE-2019-13120
2019-10-07 21:57:48
cve
cve
CVE-2019-13120
2019-10-07 22:15:10
osv
osv
CVE-2019-13120
2019-10-07 22:15:10
nvd
nvd
CVE-2019-13120
2019-10-07 22:15:10

0.002 Low

EPSS

Percentile

53.8%

JSON
Related for PRION:CVE-2019-13120
cvelist1cve1osv1nvd1