69 matches found
CVE-2021-21966
The TI CC3200 SimpleLink Solution NWP 2.9.0.0 HTTP Server component exposes /ping.html to unauthenticated POST requests. A POST with parameters __SL_P_T.A/B/C can trigger an uninitialized read, causing information disclosure. TALOS-2021-1393 documents the root cause as CWE-457 (Use of Uninitializ...
CVE-2021-21966
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability...
Texas Instruments Cc3200 SimpleLink Solution Nwp 环境问题漏洞
Texas Instruments Cc3200 SimpleLink Solution Nwp is a Texas Instruments microcontroller with built-in 2.4Ghz Wifi functionality from Texas Instruments, Inc. An environmental issue vulnerability exists in the Texas Instruments Cc3200 SimpleLink Solution Nwp version 2.9.0.0, which stems from an...
The vulnerability in the implementation of the malloc() function (source/ti/posix/freertos/memory.c) of the software development kit for microcontroller families SimpleLink (CC13XX, CC26XX, CC32XX, and MSP432E4) allows a malicious actor to execute arbitrary code or cause a service failure.
The vulnerability of the malloc function implementation source/ti/posix/freertos/memory.c in the software development kit for microcontroller families SimpleLink CC13XX, CC26XX, CC32XX, and MSP432E4 is caused by a numerical overflow. Exploiting this vulnerability can allow an attacker to execute...
The vulnerability in the implementation of the HeapMem_allocUnprotected() function (tirtos/packages/ti/sysbios/heaps/HeapMem.c) of the software development kit for microcontroller families SimpleLink (CC13XX, CC26XX, CC32XX, and MSP432E4) allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the HeapMemallocUnprotected function implementation tirtos/packages/ti/sysbios/heaps/HeapMem.c in the software development kit for microcontroller families SimpleLink CC13XX, CC26XX, CC32XX, and MSP432E4 is caused by a numerical overflow. Exploiting this vulnerability could...
The vulnerability in the implementation of the ti_sysbios_rts_MemAlloc_alloc() function (tirtos/packages/ti/sysbios/rts/MemAlloc.xdt) in the software development kit for microcontroller families SimpleLink, including CC13XX, CC26XX, CC32XX, and MSP432E4, allows a malicious actor to execute arbitrary code or cause a service failure.
The vulnerability of the tisysbiosrtsMemAllocalloc implementation tirtos/packages/ti/sysbios/rts/MemAlloc.xdt in the software development kit for microcontroller families SimpleLink, including CC13XX, CC26XX, CC32XX, and MSP432E4, is caused by a numerical overflow. Exploiting this vulnerability c...
CVE-2021-22677
An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to...
CVE-2021-22677
An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to...
Integer overflow
An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to...
CVE-2021-22677
The CVE-2021-22677 entry concerns an integer overflow in the host MCU API when attempting to connect to a Wi‑Fi network, potentially enabling denial‑of‑service or code execution. Affected TI SimpleLink families and SDKs include MSP432E4 (v4.20.00.12 and earlier), CC32XX (v4.30.00.06 and earlier),...
CVE-2021-22677
An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to...
CVE-2021-22673
The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...
CVE-2021-22673
The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...
CVE-2021-22671
Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prio...
CVE-2021-22671
Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prio...
Integer overflow
Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK versions prio...
Stack overflow
The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...
CVE-2021-22673
The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...
CVE-2021-22673
The CVE-2021-22673 entry concerns Texas Instruments SimpleLink wireless MCUs. A stack-based buffer overflow bug occurs while processing over-the-air firmware updates from the CDN server, potentially allowing remote code execution on affected devices. Affected SDKs include MSP432E4 SDK v4.20.00.12...
CVE-2021-22679
The affected product is vulnerable to an integer overflow while processing HTTP headers, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior to v4.10.03, CC13X2 and CC26XX SDK...