Vulnerability Note VU#590639
NXP Semiconductors MQX RTOS contains multiple vulnerabilities
Overview
The NXP Semiconductors MQX RTOS prior to version 5.1 contains a buffer overflow in the DHCP client, which may lead to memory corruption allowing an attacker to execute arbitrary code, as well as an out of bounds read in the DNS client which may lead to a denial of service.
Description
The NXP Semiconductors MQX real-time operating system (RTOS) prior to version 5.1 is vulnerable to the following: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') - CVE-2017-12718 |
Impact
A remote, unauthenticated attacker may be able to send crafted DHCP or DNS packets to cause a buffer overflow and/or corrupt memory, leading to denial of service or code execution on the device. |
Solution
Apply an update/patch |
Vendor Information (Learn More)
Vendor | Status | Date Notified | Date Updated |
---|---|---|---|
NXP Semiconductors Inc. | Affected | 19 Jun 2017 | 10 Oct 2017 |
CVSS Metrics (Learn More)
Group | Score | Vector |
---|---|---|
Base | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Temporal | 7.3 | E:POC/RL:OF/RC:C |
Environmental | 5.5 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
- https://ics-cert.us-cert.gov/advisories/ICSA-17-285-04
- http://cwe.mitre.org/data/definitions/120.html
- http://cwe.mitre.org/data/definitions/125.html
Credit
Thanks to Scott Gayou for reporting this vulnerability.
This document was written by Garret Wassermann.
Other Information
- CVE IDs: CVE-2017-12718 CVE-2017-12722
- Date Public: 12 Oct 2017
- Date First Published: 12 Oct 2017
- Date Last Updated: 13 Oct 2017
- Document Revision: 42
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.