Ori Karliner

9 exploits Active since Dec 2018
CVE-2018-16522 WRITEUP HIGH WRITEUP
Amazon Web Services (AWS) FreeRTOS <1.3.1 - Memory Corruption
Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
CVSS 8.1
CVE-2018-16523 WRITEUP HIGH WRITEUP
AWS FreeRTOS < 1.3.1 & FreeRTOS < 10.0.1 - DoS via Division by Zero in TCP/IP
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
CVSS 7.4
CVE-2018-16527 WRITEUP MEDIUM WRITEUP
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure via ICMP Packet Parsing
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
CVSS 5.9
CVE-2018-16528 WRITEUP HIGH WRITEUP
Amazon Web Services FreeRTOS < 1.3.1 - Remote Code Execution via mbedTLS Context Corruption
Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attackers to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.
CVSS 8.1
CVE-2018-16598 WRITEUP MEDIUM WRITEUP
AWS FreeRTOS <10.0.1 - Info Disclosure
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.
CVSS 5.9
CVE-2018-16599 WRITEUP MEDIUM WRITEUP
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure via NBNS Packet Parsing
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.
CVSS 5.9
CVE-2018-16601 WRITEUP HIGH WRITEUP
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Integer Underflow in TCP/IP Stack
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
CVSS 8.1
CVE-2018-16602 WRITEUP MEDIUM WRITEUP
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure via DHCP Response Parsing
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.
CVSS 5.9
CVE-2018-16603 WRITEUP MEDIUM WRITEUP
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Exposure via TCP Packet Processing
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.
CVSS 5.9