CVE-2018-16527

Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*
cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:52

Type Values Removed Values Added
References () https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ - Exploit, Third Party Advisory () https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ - Exploit, Third Party Advisory
References () https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ - Third Party Advisory () https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ - Third Party Advisory
References () https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md - Patch, Third Party Advisory () https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md - Patch, Third Party Advisory

Information

Published : 2018-12-06 23:29

Updated : 2024-11-21 03:52


NVD link : CVE-2018-16527

Mitre link : CVE-2018-16527

CVE.ORG link : CVE-2018-16527


JSON object : View

Products Affected

amazon

  • freertos
  • amazon_web_services_freertos
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor