Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon freertos vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-16527
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
Amazon Freertos
Amazon Amazon Web Services Freertos
7.2
CVSSv2
CVE-2021-43997
FreeRTOS versions 10.2.0 up to and including 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions up to and including 10.4.6 do not prevent a third party that has already independently gained the abilit...
Amazon Freertos 10.4.3
Amazon Freertos
1 Github repository
6.8
CVSSv2
CVE-2018-16522
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
Amazon Amazon Web Services Freertos
6.8
CVSSv2
CVE-2018-16528
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1 allows remote malicious users to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.
Amazon Amazon Web Services Freertos
4.3
CVSSv2
CVE-2019-13120
Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT ...
Amazon Amazon Web Services Freertos
7.5
CVSSv2
CVE-2021-31571
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has an integer overflow in queue.c for queue creation.
Amazon Freertos
7.5
CVSSv2
CVE-2021-31572
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
Amazon Freertos
5
CVSSv2
CVE-2019-18178
Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cach...
Amazon Freertos\\+fat 160919a
NA
CVE-2021-27504
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution.
Amazon Freertos 10.4.1
Ti Simplelink Cc26xx Software Development Kit
Ti Simplelink Cc13xx Software Development Kit
Ti Simplelink Cc32xx Software Development Kit
Ti Simplelink Msp432e411y -
Ti Simplelink Msp432e401y -
7.5
CVSSv2
CVE-2021-32020
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has insufficient bounds checking during management of heap memory.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2