Lucene search
+L

331 matches found

Kaspersky
Kaspersky
added 2021/08/10 12:0 a.m.48 views

KLA12258 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A security bypass Microsoft Azure can ...

7.8CVSS6.9AI score0.01204EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.4 views

PT-2021-3832 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient protection of service data in Azure Sphere operating systems, which could allow an attacker to gain unauthorized access to protected information...

4.6CVSS4.6AI score0.00743EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/08/10 12:0 a.m.5 views

Microsoft Azure Sphere 权限许可和访问控制问题漏洞

Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A vulnerability exists in Microsoft Azure Sphere with privilege permission and access control issues. The following products and versions are affected:Azure Sphere...

7.8CVSS7.3AI score0.00479EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.4 views

PT-2021-3833 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient access control in Azure Sphere, which could allow an attacker to elevate their privileges. Recommendations: At the moment, there is no information...

7.8CVSS7.2AI score0.00479EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.3 views

PT-2021-3893 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient input validation in the Azure Sphere operating system. Exploitation of this issue may allow an attacker to cause a denial of service...

6CVSS5.7AI score0.00633EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2021/04/27 7:43 p.m.82 views

Linux Kernel Bug Opens Door to Wider Cyberattacks

An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices. Specifically, the bug CVE-2020-28588 exists in the /proc/pid/syscall functionality of 32-bit ARM devices running...

6.4AI score0.011EPSS
Exploits1References9
BDU FSTEC
BDU FSTEC
added 2021/04/27 12:0 a.m.8 views

Vulnerability of Azure Sphere operating systems, related to improper code generation management, allows attackers to execute arbitrary code.

The vulnerability of Azure Sphere operating systems is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.0048EPSS
Exploits0References3Affected Software1
Talos Blog
Talos Blog
added 2021/04/14 6:59 a.m.30 views

Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Microsoft Azure Sphere

Claudio Bozzato and Lilith of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered multiple vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected and custom SoC platform designed specifically with IoT application security... This ...

1.2AI score
Exploits0
NVD
NVD
added 2021/04/13 8:15 p.m.51 views

CVE-2021-28460

Azure Sphere Unsigned Code Execution Vulnerability...

8.1CVSS0.0048EPSS
Exploits0References1
Prion
Prion
added 2021/04/13 8:15 p.m.31 views

Remote code execution

Azure Sphere Unsigned Code Execution Vulnerability...

4.6CVSS7.7AI score0.0048EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/13 7:33 p.m.25 views

CVE-2021-28460 Azure Sphere Unsigned Code Execution Vulnerability

...

8.1CVSS8.3AI score0.0048EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2021/04/13 7:0 a.m.41 views

Azure Sphere Unsigned Code Execution Vulnerability

...

8.1CVSS7.8AI score0.0048EPSS
Exploits0
Talos
Talos
added 2021/04/13 12:0 a.m.45 views

Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability

Summary An unsigned code execution vulnerability exists in the Linux namespace ptrace functionality of Microsoft Azure Sphere 21.01. Specially crafted shellcode could allow an adversary to execute unsigned code. An attacker can change the namespace and use ptrace to modify the code of a running...

6.2CVSS6.6AI score0.01028EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.25 views

Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability

Summary A code execution vulnerability exists in the kernel pwmioctlapplystate functionality of Microsoft Azure Sphere 21.01. A specially crafted ioctl can lead to arbitrary kfree. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Microsoft Azure Sphere 21.01 Product...

8.1CVSS8.2AI score0.0048EPSS
Exploits0
Talos
Talos
added 2021/04/13 12:0 a.m.32 views

Microsoft Azure Sphere mount namespace unsigned code execution vulnerability

Summary An unsigned code execution vulnerability exists in the mount namespace functionality of Microsoft Azure Sphere 21.01. A specially crafted shellcode could allow an adversary to execute an arbitrary binary in a tmpfs mount, leading to unsigned code execution. An attacker can switch to a new...

6.2CVSS6.5AI score0.01028EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.46 views

Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability

Summary A code execution vulnerability exists in the mqueue inode initialization functionality of Microsoft Azure Sphere 21.01. A specially crafted set of syscalls can lead to uninitialized kernel read, which in turn leads to code execution in kernel. To trigger this vulnerability, an attacker ca...

9.3CVSS9.1AI score0.01216EPSS
Exploits1
CNNVD
CNNVD
added 2021/04/13 12:0 a.m.9 views

Microsoft Azure Sphere 安全漏洞

Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A security vulnerability exists in Microsoft Azure Sphere that originates from unsigned code execution...

8.1CVSS7.9AI score0.0048EPSS
Exploits0References5
NCSC
NCSC
added 2021/04/13 12:0 a.m.6 views

Vulnerabilities fixed in Microsoft Azure products

Microsoft has fixed vulnerabilities in Azure products. The vulnerabilities allow an unauthenticated remote malicious person to remote user to execute arbitrary code and obtain elevated permissions. Open Source Software: |----------------|------|-------------------------------------| | CVE ID | CV...

8.1CVSS7.6AI score0.01956EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/04/13 12:0 a.m.7 views

PT-2021-2728 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to incorrect code generation management in Azure Sphere operating systems. Exploitation of this issue may allow an attacker to execute arbitrary code...

8.1CVSS8AI score0.0048EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.3 views

Vulnerability of Azure Sphere operating systems, related to improper code generation management, allows attackers to execute arbitrary code.

The vulnerability of Azure Sphere operating systems is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS8.4AI score0.01216EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder