Total
29 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26429 | 1 Microsoft | 1 Azure Sphere | 2023-12-28 | 4.6 MEDIUM | 7.7 HIGH |
| Azure Sphere Elevation of Privilege Vulnerability | |||||
| CVE-2021-26428 | 1 Microsoft | 1 Azure Sphere | 2023-12-28 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-42300 | 1 Microsoft | 1 Azure Sphere | 2023-12-28 | 4.6 MEDIUM | 6.0 MEDIUM |
| Azure Sphere Tampering Vulnerability | |||||
| CVE-2021-41376 | 1 Microsoft | 1 Azure Sphere | 2023-12-28 | 2.1 LOW | 2.3 LOW |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-41375 | 1 Microsoft | 1 Azure Sphere | 2023-12-28 | 2.1 LOW | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-41374 | 1 Microsoft | 1 Azure Sphere | 2023-12-28 | 2.1 LOW | 6.7 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2022-35821 | 1 Microsoft | 1 Azure Sphere | 2023-12-10 | N/A | 4.4 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2020-35609 | 1 Microsoft | 1 Azure Sphere | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability. | |||||
| CVE-2020-35608 | 1 Microsoft | 1 Azure Sphere | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability. | |||||