Published: 13/09/2018 Updated: 12/12/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.6 | Impact Score: 3.4 | Exploitability Score: 2.2

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft c software development kit
microsoft java software development kit

It's September 2018, and Windows VMs can pwn their host servers by launching an evil app

The Register • Shaun Nichols in San Francisco • 11 Sep 2018

Too smart? There's also an old-fashioned image file RCE Safari, Edge fans: Is that really the website you think you're visiting? URL spoof bug blabbed

Admins will again be working overtime as Microsoft and Adobe have posted their monthly scheduled security updates for September. This month's Patch Tuesday bundle includes critical fixes for Windows, SQL Server, and Hyper V, as well as Flash and Cold Fusion. In total, Microsoft addressed 61 CVE-listed vulnerabilities this month, including 23 that would potentially allow for remote code execution. One of the more noteworthy of those bugs is CVE-2018-8475, a remote code flaw that can be triggered ...

CVE-2018-8479

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect