Описание
An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:zephyrproject:zephyr:1.14.0:*:*:*:*:*:*:*
cpe:2.3:o:zephyrproject:zephyr:2.1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00092
Низкий
7.8 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-697
CWE-697
Связанные уязвимости
github
больше 3 лет назад
An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
EPSS
Процентиль: 26%
0.00092
Низкий
7.8 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-697
CWE-697