CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-22905

Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 88.2%

CVSS Severity

CVSS v3 Score 7.0

References

https://github.com/ARMmbed/mbed-os/blob/7c7d20da6527885237094d9d50ce099404414201/connectivity/FEATURE_BLE/source/cordio/stack_adaptation/hci_tr.c#L125
https://github.com/ARMmbed/mbed-os/blob/7c7d20da6527885237094d9d50ce099404414201/connectivity/FEATURE_BLE/source/cordio/stack_adaptation/hci_tr.c#L173-L175
https://github.com/ARMmbed/mbed-os/issues/15462
https://github.com/ARMmbed/mbed-os/blob/7c7d20da6527885237094d9d50ce099404414201/connectivity/FEATURE_BLE/source/cordio/stack_adaptation/hci_tr.c#L125
https://github.com/ARMmbed/mbed-os/blob/7c7d20da6527885237094d9d50ce099404414201/connectivity/FEATURE_BLE/source/cordio/stack_adaptation/hci_tr.c#L173-L175
https://github.com/ARMmbed/mbed-os/issues/15462

Products affected by CVE-2024-22905

Arm » Mbed Os » Version: 6.17.0

cpe:2.3:o:arm:mbed_os:6.17.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22905

Products

Pricing

Contact Us