NXP Semiconductors MQX RTOS (Update A)

CVSS v3 8.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: NXP Semiconductors Equipment: MQX RTOS Vulnerabilities: Classic Buffer Overflow, Out-of-Bounds Read UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-285-04 NXP...

NXP Semiconductors MQX RTOS contains multiple vulnerabilities

Overview The NXP Semiconductors MQX RTOS prior to version 5.1 contains a buffer overflow in the DHCP client, which may lead to memory corruption allowing an attacker to execute arbitrary code, as well as an out of bounds read in the DNS client which may lead to a denial of service. Description Th...