Lucene search
K

6 matches found

OSV
OSV
added 2025/10/30 5:9 p.m.4 views

CVE-2025-64096 CryptoLib vulnerable to Stack Buffer Overflow in Crypto_Key_Update due to missing TLV length check

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to 1.4.2, there is a missing bounds check in CryptoKeyupdate...

8.8CVSS8.9AI score0.00464EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/11/29 6:56 p.m.12 views

CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...

6.9CVSS6.6AI score0.00726EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/11/29 6:56 p.m.17 views

CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...

6.9CVSS0.00726EPSS
Exploits1References7
CVE
CVE
added 2024/11/29 6:56 p.m.3424 views

CVE-2024-53980

RIOT OS vulnerability affecting CC2538 radio reception. A malicious actor can send a IEEE 802.15.4 packet with a spoofed length byte (and optionally spoofed FCS), causing the receiver to enter an endless loop. The root cause is the CRC position check: before PR #20998 the code used the full 8 bit...

7.5CVSS6.6AI score0.00726EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2024/11/29 6:56 p.m.4 views

CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...

6.9CVSS6.8AI score0.00726EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/11/29 12:0 a.m.3 views

PT-2024-35992 · Riot · Riot

Name of the Vulnerable Software and Affected Versions: RIOT affected versions not specified Description: A malicious actor can send a IEEE 802.15.4 packet with a spoofed length byte and optionally a spoofed FCS, resulting in an endless loop on a CC2538 receiver. The issue arises from the receiver...

6.9CVSS7AI score0.00726EPSS
Exploits1References10
Rows per page
Query Builder