CVEDB API

Vulnerabilities

Vulnerable Software

Microsoft: >> Azure Sphere >> 20.07 Security Vulnerabilities

CVE-2022-35821

Azure Sphere Information Disclosure Vulnerability

CVSS Score

4.4

EPSS Score

0.004

Published

2022-08-09

CVE-2021-42300

Azure Sphere Tampering Vulnerability

CVSS Score

6.0

EPSS Score

0.002

Published

2021-11-10

CVE-2021-41374

Azure Sphere Information Disclosure Vulnerability

CVSS Score

6.7

EPSS Score

0.003

Published

2021-11-10

CVE-2021-41375

Azure Sphere Information Disclosure Vulnerability

CVSS Score

4.4

EPSS Score

0.004

Published

2021-11-10

CVE-2021-41376

Azure Sphere Information Disclosure Vulnerability

CVSS Score

2.3

EPSS Score

0.007

Published

2021-11-10

CVE-2021-36956

Azure Sphere Information Disclosure Vulnerability

CVSS Score

4.4

EPSS Score

0.004

Published

2021-09-15

CVE-2021-26428

Azure Sphere Information Disclosure Vulnerability

CVSS Score

4.4

EPSS Score

0.004

Published

2021-08-12

CVE-2021-26429

Azure Sphere Elevation of Privilege Vulnerability

CVSS Score

7.7

EPSS Score

0.006

Published

2021-08-12

CVE-2021-26430

Azure Sphere Denial of Service Vulnerability

CVSS Score

6.0

EPSS Score

0.002

Published

2021-08-12

CVE-2020-35608

A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability.

CVSS Score

7.8

EPSS Score

0.002

Published

2020-12-22

Page 1

Vulnerabilities

Vulnerable Software

Microsoft: >> Azure Sphere >> 20.07 Security Vulnerabilities

Products

Pricing

Contact Us