46 matches found
EUVD-2020-23275
Malware in sbrugna...
EUVD-2020-23274
Malware in sbrugna...
Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2022-1497 Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability August 17, 2022 CVE Number CVE-2022-35821 SUMMARY An out-of-bounds read vulnerability exists in the /proc/fdt mmap operation functionality of Microsoft Azure Sphere 22.02. A...
Microsoft Azure Sphere 缓冲区错误漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A buffer error vulnerability exists in Microsoft Azure Sphere. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the vendor...
Microsoft Azure Sphere Input Validation Error Vulnerability
Microsoft Azure Sphere is an appliance used by Microsoft USA to provide security in cloud environments. Microsoft Azure Sphere is vulnerable to an input validation error. No details of the vulnerability are currently available...
Microsoft Azure Sphere Buffer Overflow Vulnerability
Microsoft Azure Sphere is an appliance used to provide security in cloud environments by Microsoft Corporation USA. No detailed vulnerability details are available at this time...
Microsoft Azure Sphere Information Disclosure Vulnerability (CNVD-2021-93635)
Microsoft Azure Sphere is a security vulnerability in Microsoft Azure Sphere, an appliance used by Microsoft to provide security in cloud environments. No details of the vulnerability are currently available...
Microsoft Azure Sphere 缓冲区错误漏洞
Microsoft Azure Sphere is an appliance used to provide security in cloud environments by Microsoft Corporation USA. No detailed vulnerability details are available at this time...
Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability
Summary A denial of service vulnerability exists in the Pluton syscalls functionality of Microsoft Azure Sphere 21.01, 21.06 and 21.07. A specially-crafted set of syscalls executed in parallel by an unprivileged process can lead to the crash of Pluton, resulting in a device reboot denial of...
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests offset calculation out-of-bounds read vulnerability
Summary An out-of-bounds read vulnerability exists in the Security Monitor SMSyscallStageBaseManifests offset calculation of Microsoft Azure Sphere 21.01. A specially crafted manifest could lead to information disclosure. An attacker can use syscalls to trigger this vulnerability. Tested Versions...
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests image validation signature check bypass vulnerability
Summary A signature check bypass vulnerability exists in the Security Monitor SMSyscallStageBaseManifests image validation functionality of Microsoft Azure Sphere 21.01. A specially crafted manifest can lead to a firmware downgrade. An attacker can use syscalls to trigger this vulnerability. Test...
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging 1BL firmware downgrade vulnerability
Summary A firmware downgrade vulnerability exists in the Security Monitor SMSyscallCommitImageStaging 1BL functionality of Microsoft Azure Sphere 21.01. A specially-crafted set of Secmon syscalls can lead to downgrading the version of the 1BL firmware. An attacker can use syscalls to trigger this...
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability
Summary A denial of service vulnerability exists in the Security Monitor SMSyscallCommitImageStaging stage-without-manifest functionality of Microsoft Azure Sphere 21.01. A specially crafted image package can lead to boot looping, requiring manual recovery. An attacker can flash a malicious image...
Microsoft Azure Sphere Kernel GPIO_GET_PIN_ACCESS_CONTROL_USER information disclosure vulnerability
Talos Vulnerability Report TALOS-2021-1340 Microsoft Azure Sphere Kernel GPIOGETPINACCESSCONTROLUSER information disclosure vulnerability November 9, 2021 CVE Number None SUMMARY An information disclosure vulnerability exists in the GPIOGETPINACCESSCONTROLUSER functionality of Microsoft Azure...
Microsoft Azure Sphere 安全漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A security vulnerability exists in Microsoft Azure Sphere. The following products and versions are affected: Azure Sphere...
Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability
Talos Vulnerability Report TALOS-2021-1309 Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability September 14, 2021 CVE Number None SUMMARY An information disclosure vulnerability exists in the Security Monitor SMSyscallPeripheralAcquire...
Microsoft Azure Sphere 输入验证错误漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. An input validation error vulnerability exists in Microsoft Azure Sphere. The following products and versions are affected:Azure Sphere...
Microsoft Azure Sphere 权限许可和访问控制问题漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. A vulnerability exists in Microsoft Azure Sphere with privilege permission and access control issues. The following products and versions are affected:Azure Sphere...
Microsoft Azure Sphere 输入验证错误漏洞
Microsoft Azure Sphere is an appliance from Microsoft Corporation USA that is used to provide security in cloud environments. An input validation error vulnerability exists in Microsoft Azure Sphere. The following products and versions are affected:Azure Sphere...
Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability
Talos Vulnerability Report TALOS-2021-1310 Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability August 10, 2021 CVE Number None SUMMARY An information disclosure vulnerability exists in the Security Monitor SMSyscallWriteBlockToStageImage...