14 matches found
EUVD-2020-2527
Malware in sbrugna...
EUVD-2020-2535
Malware in sbrugna...
CVE-2020-10071
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
CVE-2020-10062
An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
CVE-2020-10070
In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
Memory corruption
An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
Buffer overflow
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
Design/Logic Flaw
In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
CVE-2020-10062 Packet length decoding error in MQTT
An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
CVE-2020-10062
The vulnerability CVE-2020-10062 affects Zephyr RTOS MQTT packet length decoder (off-by-one) in Zephyr 2.2.0 and later. Root cause: off-by-one in the decoder leading to memory corruption and possible remote code execution. Impact: memory corruption with potential code execution. Remediation: fixe...
CVE-2020-10071 Insufficient publish message length validation in MQTT
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
CVE-2020-10071
Zephyr CVE-2020-10071 affects Zephyr RTOS 2.2.0 and later. The MQTT parsing code fails to adequately validate the length field on publish messages, enabling a buffer overflow that could lead to remote code execution. Multiple sources describe this as a buffer-overflow vulnerability due to insuffi...
CVE-2020-10070 MQTT buffer overflow on receive buffer
In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
CVE-2020-10070
No technical details are publicly available in the provided documents for CVE-2020-10070. Monitor for updates.