Vulnerabilities (CVE)

Filtered by vendor Amazon Subscribe
Filtered by product Amazon Web Services Freertos
Total 13 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16522 1 Amazon 1 Amazon Web Services Freertos 2020-08-24 6.8 MEDIUM 8.1 HIGH
Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
CVE-2018-16525 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-10-03 6.8 MEDIUM 8.1 HIGH
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.
CVE-2018-16526 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-10-03 6.8 MEDIUM 8.1 HIGH
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.
CVE-2018-16528 1 Amazon 1 Amazon Web Services Freertos 2019-02-01 6.8 MEDIUM 8.1 HIGH
Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attackers to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.
CVE-2018-16523 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-04 5.8 MEDIUM 7.4 HIGH
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
CVE-2018-16524 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-04 4.3 MEDIUM 5.9 MEDIUM
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.
CVE-2018-16527 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-04 4.3 MEDIUM 5.9 MEDIUM
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
CVE-2018-16598 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-04 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.
CVE-2018-16599 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-04 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.
CVE-2018-16600 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-03 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.
CVE-2018-16601 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-03 6.8 MEDIUM 8.1 HIGH
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
CVE-2018-16602 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-03 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.
CVE-2018-16603 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-03 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.