Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款产品安全漏洞
Vulnerability Description
AWS FreeRTOS、FreeRTOS、WHIS OpenRTOS和SafeRTOS都是使用在微控制器操作系统。WITTENSTEIN WHIS Connect middleware TCP/IP是一款使用在OpenRTOS和SafeRTOS系统中的WHIS连接中间件TCP/IP组件。 多款产品中存在安全漏洞,该漏洞源于‘xProcessReceivedTCPPacket’函数没有验证接收到的帧的大小是否足够容纳TCP报头。攻击者可通过发送特制的IP数据包利用该漏洞获取信息。以下产品和版本受到影响:A
CVSS Information
N/A
Vulnerability Type
N/A