CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27502

Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.8%

CVSS Severity

CVSS v3 Score 7.4

References

Products affected by CVE-2021-27502

Ti » Simplelink Cc13xx Software Development Kit » Version: Any

cpe:2.3:a:ti:simplelink_cc13xx_software_development_kit:*
Ti » Simplelink Cc26xx Software Development Kit » Version: Any

cpe:2.3:a:ti:simplelink_cc26xx_software_development_kit:*
Ti » Simplelink Cc32xx Software Development Kit » Version: N/A

cpe:2.3:a:ti:simplelink_cc32xx_software_development_kit:-
Ti » Simplelink Msp432e401y » Version: N/A

cpe:2.3:a:ti:simplelink_msp432e401y:-
Ti » Simplelink Msp432e411y » Version: N/A

cpe:2.3:a:ti:simplelink_msp432e411y:-
Ti » Cc3200 » Version: N/A

cpe:2.3:h:ti:cc3200:-
Ti » Cc3220r » Version: N/A

cpe:2.3:h:ti:cc3220r:-
Ti » Cc3220s » Version: N/A

cpe:2.3:h:ti:cc3220s:-
Ti » Cc3220sf » Version: N/A

cpe:2.3:h:ti:cc3220sf:-
Ti » Cc3230s » Version: N/A

cpe:2.3:h:ti:cc3230s:-
Ti » Cc3230sf » Version: N/A

cpe:2.3:h:ti:cc3230sf:-
Ti » Cc3235s » Version: N/A

cpe:2.3:h:ti:cc3235s:-
Ti » Cc3235sf » Version: N/A

cpe:2.3:h:ti:cc3235sf:-
Ti » Real-Time Operating System » Version: N/A

cpe:2.3:o:ti:real-time_operating_system:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27502

Products

Pricing

Contact Us