Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Azure RTOS USBX Remote Code Execution Vulnerability
Vulnerability Description
Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in pictbridge and host class, related to PIMA, storage, CDC ACM, ECM, audio, hub in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
空指针解引用
Vulnerability Title
Azure RTOS USBX 安全漏洞
Vulnerability Description
Azure RTOS USBX是Azure RTOS开源的一个 USB 主机、设备和移动 (OTG) 嵌入式堆栈。与 Azure RTOS ThreadX 完全集成,可用于所有支持 Azure RTOS ThreadX 的处理器。 Azure RTOS USBX 6.3.0之前版本存在安全漏洞,该漏洞源于存在内存缓冲区和指针漏洞,攻击者利用该漏洞可能会导致远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A