331 matches found
KLA12258 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A security bypass Microsoft Azure can ...
PT-2021-3832 · Microsoft · Azure Sphere
Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient protection of service data in Azure Sphere operating systems, which could allow an attacker to gain unauthorized access to protected information...
Microsoft Azure Sphere 权限许可和访问控制问题漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A vulnerability exists in Microsoft Azure Sphere with privilege permission and access control issues. The following products and versions are affected:Azure Sphere...
PT-2021-3833 · Microsoft · Azure Sphere
Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient access control in Azure Sphere, which could allow an attacker to elevate their privileges. Recommendations: At the moment, there is no information...
PT-2021-3893 · Microsoft · Azure Sphere
Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient input validation in the Azure Sphere operating system. Exploitation of this issue may allow an attacker to cause a denial of service...
Linux Kernel Bug Opens Door to Wider Cyberattacks
An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices. Specifically, the bug CVE-2020-28588 exists in the /proc/pid/syscall functionality of 32-bit ARM devices running...
Vulnerability of Azure Sphere operating systems, related to improper code generation management, allows attackers to execute arbitrary code.
The vulnerability of Azure Sphere operating systems is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Microsoft Azure Sphere
Claudio Bozzato and Lilith of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered multiple vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected and custom SoC platform designed specifically with IoT application security... This ...
CVE-2021-28460
Azure Sphere Unsigned Code Execution Vulnerability...
Remote code execution
Azure Sphere Unsigned Code Execution Vulnerability...
CVE-2021-28460 Azure Sphere Unsigned Code Execution Vulnerability
...
Azure Sphere Unsigned Code Execution Vulnerability
...
Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability
Summary An unsigned code execution vulnerability exists in the Linux namespace ptrace functionality of Microsoft Azure Sphere 21.01. Specially crafted shellcode could allow an adversary to execute unsigned code. An attacker can change the namespace and use ptrace to modify the code of a running...
Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability
Summary A code execution vulnerability exists in the kernel pwmioctlapplystate functionality of Microsoft Azure Sphere 21.01. A specially crafted ioctl can lead to arbitrary kfree. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Microsoft Azure Sphere 21.01 Product...
Microsoft Azure Sphere mount namespace unsigned code execution vulnerability
Summary An unsigned code execution vulnerability exists in the mount namespace functionality of Microsoft Azure Sphere 21.01. A specially crafted shellcode could allow an adversary to execute an arbitrary binary in a tmpfs mount, leading to unsigned code execution. An attacker can switch to a new...
Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability
Summary A code execution vulnerability exists in the mqueue inode initialization functionality of Microsoft Azure Sphere 21.01. A specially crafted set of syscalls can lead to uninitialized kernel read, which in turn leads to code execution in kernel. To trigger this vulnerability, an attacker ca...
Microsoft Azure Sphere 安全漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A security vulnerability exists in Microsoft Azure Sphere that originates from unsigned code execution...
Vulnerabilities fixed in Microsoft Azure products
Microsoft has fixed vulnerabilities in Azure products. The vulnerabilities allow an unauthenticated remote malicious person to remote user to execute arbitrary code and obtain elevated permissions. Open Source Software: |----------------|------|-------------------------------------| | CVE ID | CV...
PT-2021-2728 · Microsoft · Azure Sphere
Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to incorrect code generation management in Azure Sphere operating systems. Exploitation of this issue may allow an attacker to execute arbitrary code...
Vulnerability of Azure Sphere operating systems, related to improper code generation management, allows attackers to execute arbitrary code.
The vulnerability of Azure Sphere operating systems is related to incorrect code generation management. Exploiting this vulnerability can allow an attacker to execute arbitrary code...