Lucene search
K

4 matches found

Talos Blog
Talos Blog
added 2023/05/10 3:44 p.m.23 views

Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system

Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in a library for µC/OS, an open-source operating system developed by Micrium. µC/OS is an embedded operating system that supports TCP/IP, USB, CAN bus and Modbus. The two...

5CVSS6.5AI score0.01488EPSS
Exploits3
CVE
CVE
added 2023/05/10 3:23 p.m.45 views

CVE-2022-41985

CVE-2022-41985 affects Weston Embedded uC-FTPs v1.98.00. Talos reports an authentication bypass in the FTP server: after USER with an unauthenticated sequence, the state machine can skip authentication and allow following commands, potentially enabling DoS via crafted packets. Evidence from Talos...

8.6CVSS7.6AI score0.01488EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/10 3:23 p.m.9 views

CVE-2022-41985

An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

8.6CVSS7.1AI score0.01488EPSS
Exploits1References2
OSV
OSV
added 2023/05/10 3:23 p.m.9 views

CVE-2022-41985

An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

8.6CVSS7AI score0.01488EPSS
Exploits1References5
Rows per page
Query Builder