3 matches found
CVE-2017-12718
CVE-2017-12718 is a buffer-copy without checking size in MQX RTOS RTCS DHCP client. The vulnerability, affecting MQX versions prior to MQX 5.1 (and present in devices using MQX RTCS on ColdFire variants), can be triggered by crafted DHCP packets and may lead to remote code execution on affected d...
NXP Semiconductors MQX RTOS contains multiple vulnerabilities
Overview The NXP Semiconductors MQX RTOS prior to version 5.1 contains a buffer overflow in the DHCP client, which may lead to memory corruption allowing an attacker to execute arbitrary code, as well as an out of bounds read in the DNS client which may lead to a denial of service. Description Th...
Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSMA-17-250-02 Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities that was published September 7, 2017, on the NCCIC/ICS-CERT web site. Independent researcher Scott Gayou has identified eight...