Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon freertos vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2018-16603
An issue exists in Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can l...
Amazon Amazon Web Services Freertos
Amazon Freertos
7.8
CVSSv3
CVE-2021-43997
FreeRTOS versions 10.2.0 up to and including 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions up to and including 10.4.6 do not prevent a third party that has already independently gained the abilit...
Amazon Freertos 10.4.3
Amazon Freertos
1 Github repository
7.5
CVSSv3
CVE-2019-13120
Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT ...
Amazon Amazon Web Services Freertos
8.1
CVSSv3
CVE-2018-16522
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
Amazon Amazon Web Services Freertos
8.1
CVSSv3
CVE-2018-16528
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1 allows remote malicious users to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.
Amazon Amazon Web Services Freertos
9.8
CVSSv3
CVE-2021-31572
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
Amazon Freertos
9.8
CVSSv3
CVE-2021-31571
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has an integer overflow in queue.c for queue creation.
Amazon Freertos
7.5
CVSSv3
CVE-2019-18178
Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cach...
Amazon Freertos\\+fat 160919a
7.8
CVSSv3
CVE-2021-27504
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution.
Amazon Freertos 10.4.1
Ti Simplelink Cc26xx Software Development Kit
Ti Simplelink Cc13xx Software Development Kit
Ti Simplelink Cc32xx Software Development Kit
Ti Simplelink Msp432e411y -
Ti Simplelink Msp432e401y -
9.8
CVSSv3
CVE-2021-32020
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has insufficient bounds checking during management of heap memory.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2