Embedded System Vulnerabilities
A focused list of vulnerabilities relevant to embedded and IoT devices.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2020-10058 | Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace… | High (7.8) | 2020-05-11 | Environment Specific |
| CVE-2020-10028 | Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr v… | High (7.8) | 2020-05-11 | Environment Specific |
| CVE-2020-10027 | An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. S… | High (7.8) | 2020-05-11 | Environment Specific |
| CVE-2020-10024 | The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who ha… | High (7.8) | 2020-05-11 | Environment Specific |
| CVE-2020-10023 | The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to caus… | Medium (6.9) | 2020-05-11 | Environment Specific |