4 matches found
Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in a library for µC/OS, an open-source operating system developed by Micrium. µC/OS is an embedded operating system that supports TCP/IP, USB, CAN bus and Modbus. The two...
CVE-2022-41985
CVE-2022-41985 affects Weston Embedded uC-FTPs v1.98.00. Talos reports an authentication bypass in the FTP server: after USER with an unauthenticated sequence, the state machine can skip authentication and allow following commands, potentially enabling DoS via crafted packets. Evidence from Talos...
CVE-2022-41985
An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...
CVE-2022-41985
An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...