exploitDog

CVE-2020-35609

Опубликовано: 22 дек. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1117
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1117
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1117
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1117
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:azure_sphere:20.05:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00166

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-835

Связанные уязвимости

GHSA-8xr7-5cxh-6x35

github

больше 3 лет назад

A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.

EPSS

Процентиль: 38%

0.00166

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-835