Total
29 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-16992 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 7.2 HIGH | 7.5 HIGH |
Azure Sphere Elevation of Privilege Vulnerability | |||||
CVE-2020-16987 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 7.2 HIGH | 7.3 HIGH |
Azure Sphere Unsigned Code Execution Vulnerability | |||||
CVE-2020-35608 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability. | |||||
CVE-2020-35609 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability. | |||||
CVE-2020-16986 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 2.1 LOW | 6.2 MEDIUM |
Azure Sphere Denial of Service Vulnerability | |||||
CVE-2020-16985 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 2.1 LOW | 6.2 MEDIUM |
Azure Sphere Information Disclosure Vulnerability | |||||
CVE-2020-16983 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 7.2 HIGH | 5.7 MEDIUM |
Azure Sphere Tampering Vulnerability | |||||
CVE-2020-16988 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 7.2 HIGH | 6.9 MEDIUM |
Azure Sphere Elevation of Privilege Vulnerability | |||||
CVE-2020-16982 | 1 Microsoft | 1 Azure Sphere | 2024-02-28 | 7.2 HIGH | 6.1 MEDIUM |
Azure Sphere Unsigned Code Execution Vulnerability |