Описание
A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.
Затрагиваемое ПО
St X-cube-azrt-h7rsSt X-cube-azrtos-f4St X-cube-azrtos-f7St X-cube-azrtos-g0St X-cube-azrtos-g4St X-cube-azrtos-h7St X-cube-azrtos-l4St X-cube-azrtos-l5St X-cube-azrtos-wbSt X-cube-azrtos-wl
CVSS
| Балл | 8.5 — высокая |
| Вектор | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Источники
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2096https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2096