Azure RTOS ThreadX Input Validation Error Vulnerability

Azure RTOS ThreadX is an advanced real-time operating system open-sourced by Azure RTOS. An input validation error vulnerability exists in Azure RTOS ThreadX versions prior to 6.3.0, which stems from a vulnerability in the parameter checking mechanism that can be exploited by an attacker to cause...

PT-2023-30902 · Microsoft · Azure Rtos Threadx

Name of the Vulnerable Software and Affected Versions: Azure RTOS ThreadX versions prior to 6.3.0 Description: Azure RTOS ThreadX is an advanced real-time operating system RTOS designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to a...

CVE-2022-39344 Azure RTOS USBX vulnerable to buffer overflow

Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this m...

CVE-2022-36063

Azure RTOS USBx is a USB host, device, and on-the-go OTG embedded stack, fully integrated with Azure RTOS ThreadX and available for all Azure RTOS ThreadX–supported processors. Azure RTOS USBX implementation of host support for USB CDC ECM includes an integer underflow and a buffer overflow in th...