CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35609

A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.5%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1117
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1117
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1117
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1117

Products affected by CVE-2020-35609

Microsoft » Azure Sphere » Version: 20.05

cpe:2.3:a:microsoft:azure_sphere:20.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35609

Products

Pricing

Contact Us