Lucene search
K

48 matches found

CNNVD
CNNVD
added 2022/06/14 12:0 a.m.4 views

Microsoft Azure Real Time Operating System 安全漏洞

Microsoft Azure Real Time Operating System Azure RTOS is an embedded development kit from Microsoft Corporation USA that includes a small but powerful operating system that delivers reliable, ultra-fast performance for resource-constrained devices. A security vulnerability exists in the Microsoft...

7.8CVSS7.7AI score0.02118EPSS
Exploits0References4
NCSC
NCSC
added 2022/06/14 12:0 a.m.7 views

Vulnerabilities fixed in Microsoft Azure

Vulnerabilities have been fixed in Microsoft Azure components. A malicious party could exploit the vulnerabilities to obtain elevated privileges, or to gain access to sensitive data in the context of the victim. Microsoft states for several of the vulnerabilities listed below to be in possession ...

7.8CVSS6.8AI score0.02408EPSS
Exploits0
CNVD
CNVD
added 2021/12/01 12:0 a.m.14 views

Zephyr Buffer Overflow Vulnerability (CNVD-2021-95615)

Zephyr is an open source, small, scalable, real-time operating system. buffer overflow vulnerability exists in Zephyr, which stems from a buffer overflow in the ZephyrUSB DFU DNLOAD. No detailed vulnerability details are currently available...

9.8CVSS2.6AI score0.02275EPSS
Exploits2References1
CISA
CISA
added 2021/11/09 12:0 a.m.7 views

CISA Releases Security Advisory on Siemens Nucleus Real-Time Operating Systems

CISA has released an Industrial Control Systems ICS advisory detailing multiple vulnerabilities found in Siemens Nucleus Real-Time Operating Systems RTOS and supporting libraries. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages...

7.1AI score
Exploits0References1
CNNVD
CNNVD
added 2021/11/09 12:0 a.m.4 views

Microsoft Azure Real Time Operating System 权限许可和访问控制问题漏洞

Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. A vulnerability exists in Microsoft Azure RTOS with privilege permission and access control issues. The vulnerability stems from a lack of effective privilege permission and access control...

7.2CVSS5.5AI score0.00567EPSS
Exploits0References4
CNVD
CNVD
added 2021/10/13 12:0 a.m.21 views

Zephyr integer underflow vulnerability

Zephyr is a small real-time operating system for interconnected, resource-constrained embedded devices. an integer underflow vulnerability in 6LoWPAN IPHC header decompression in Zephyr 2.4.0 and later can be exploited by attackers to cause out-of-bounds access in the Pv6 parsing logic...

9.8CVSS4AI score0.00894EPSS
Exploits1References1
Malwarebytes
Malwarebytes
added 2021/08/18 5:33 p.m.90 views

Cars and hospital equipment running Blackberry QNX may be affected by BadAlloc vulnerability

Following an announcement by Blackberry the U.S. Food & Drug Administration FDA and the Cybersecurity & Infrastructure Security Agency CISA have put out alerts that vulnerabilities found in the Blackberry QNX real-time operating system RTOS may introduce risks for certain medical devices...

6.8CVSS0.4AI score0.018EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/08/18 3:5 p.m.105 views

BadAlloc Flaw Affects BlackBerry QNX Used in Millions of Cars and Medical Devices

A major vulnerability affecting older versions of BlackBerry's QNX Real-Time Operating System RTOS could allow malicious actors to cripple and gain control of a variety of products, including cars, medical, and industrial equipment. The shortcoming CVE-2021-22156, CVSS score: 9.0 is part of a...

9.8CVSS1.3AI score0.018EPSS
Exploits0
CNVD
CNVD
added 2021/06/25 12:0 a.m.6 views

Unspecified Vulnerability in Zephyr

Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. Zephyr has a security vulnerability that stems from improper handling of insufficient permissions or privileges in Zephyr. No details of the vulnerability are available at this time...

5.9CVSS6.9AI score0.00201EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/24 12:0 a.m.11 views

Zephyr buffer overflow vulnerability (CNVD-2021-44932)

Zephyr is an open source, small, scalable real-time operating system. A security vulnerability exists in Zephyr versions >= v1.14.2 and >= v2.2.0, which stems from a lack of size checking in Bluetooth HCI on SPI. No details of the vulnerability are available at this time...

8.8CVSS6.8AI score0.00486EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/26 12:0 a.m.11 views

Unspecified vulnerability in Zephyr (CNVD-2021-95624)

Zephyr is an open source, small, scalable real-time operating system. Zephyr suffers from a security vulnerability that stems from the fact that when setup in conjunction with littlefs, MCUmgr can be used to extract all security-related information from the device. No details of the vulnerability...

3.3CVSS6.5AI score0.00233EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2021/04/30 11:49 a.m.104 views

Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial Devices

Security researchers at Microsoft are warning the industry about 25 as-yet undocumented critical memory-allocation vulnerabilities across a number of vendors’ IoT and industrial devices that threat actors could exploit to execute malicious code across a network or cause an entire system to crash...

0.5AI score0.01326EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.6 views

Texas Instruments TI-RTOS-MCU 输入验证错误漏洞

The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. An input validation error vulnerability exists in Texas Instrument TI-RTOS that originates from returning a valid pointer to a small buffer on a ver...

7.8CVSS6.3AI score0.00279EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.3 views

Texas Instruments TI-RTOS-MCU 输入验证错误漏洞

The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. The Texas Instruments TI-RTOS-MCU has an input validation error vulnerability that originates from returning a valid pointer to a small buffer on a...

7.8CVSS6.2AI score0.00276EPSS
Exploits0References5
CISA
CISA
added 2021/04/29 12:0 a.m.19 views

CISA Releases ICS Advisory on Real-Time Operating System Vulnerabilities

CISA has released Industrial Control Systems Advisory ICSA-21-119-04 Multiple RTOS to provide notice of multiple vulnerabilities found in real-time operating systems RTOS and supporting libraries. Successful exploitation of these vulnerabilities could result in unexpected behavior such as a crash...

7.6AI score
Exploits0References1
CNVD
CNVD
added 2021/04/13 12:0 a.m.16 views

Siemens Nucleus Products IPv6 Stack Denial of Service Vulnerability

The Nucleus NET module includes a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device.Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for...

8.7CVSS6.8AI score0.01885EPSS
Exploits0References1
CERT
CERT
added 2020/12/08 12:0 a.m.164 views

Embedded TCP/IP stacks have memory corruption vulnerabilities

Overview Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things IoT and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU96491057 as well as the name AMNESIA:33...

9.8CVSS8.5AI score0.52259EPSS
Exploits0References5
OSV
OSV
added 2020/05/11 11:15 p.m.5 views

CVE-2020-10021

Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions...

7.8CVSS5.4AI score0.0041EPSS
Exploits0References5
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/09/03 6:55 a.m.142 views

Pwning a Siemens Scalance ICS switch through ARM reversing

We’ve been working in industrial control systems security for a long time. Several of the team here used to work in OT control rooms or support SCADA environments. Whilst pen testing a ship control system, we noticed a heavy reliance on Siemens Scalance industrial ethernet switches, so bought a...

2.1CVSS6.2AI score0.00301EPSS
Exploits0
myhack58
myhack58
added 2019/08/09 12:0 a.m.68 views

VxWorks is facing severe RCE attack risk-vulnerability warning-the black bar safety net

Armis research team in the VxWorks discovered 11 zero-day vulnerabilities, VxWorks may be the most widely used of theoperating system. VxWorks is more than 20 million devices in use, including critical industrial, medical and business equipment. Called the“URGENT/11,”the vulnerability exists in t...

0.4AI score
Exploits0
Rows per page
Query Builder