Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Azure_sphere
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 29 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-11-11 | CVE-2020-16989 | Azure Sphere Elevation of Privilege Vulnerability | Azure_sphere | N/A | ||
| 2020-11-11 | CVE-2020-16991 | Azure Sphere Unsigned Code Execution Vulnerability | Azure_sphere | N/A | ||
| 2020-11-11 | CVE-2020-16992 | Azure Sphere Elevation of Privilege Vulnerability | Azure_sphere | N/A | ||
| 2020-11-11 | CVE-2020-16993 | Azure Sphere Elevation of Privilege Vulnerability | Azure_sphere | N/A | ||
| 2020-11-11 | CVE-2020-16994 | Azure Sphere Unsigned Code Execution Vulnerability | Azure_sphere | N/A | ||
| 2020-12-22 | CVE-2020-35609 | A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability. | Azure_sphere | 5.5 | ||
| 2020-12-22 | CVE-2020-35608 | A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability. | Azure_sphere | 7.8 | ||
| 2021-03-11 | CVE-2021-27074 | Azure Sphere Unsigned Code Execution Vulnerability | Azure_sphere | N/A | ||
| 2021-03-11 | CVE-2021-27080 | Azure Sphere Unsigned Code Execution Vulnerability | Azure_sphere | N/A | ||
| 2021-04-13 | CVE-2021-28460 | Azure Sphere Unsigned Code Execution Vulnerability | Azure_sphere | N/A |