CVE-2023-39540
published 2024-02-20CVE-2023-39540: A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet…
PriorityP429medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
EPSS
0.81%
52.3th percentile
A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| silicon_labs | gecko_platform | — | — |
| weston-embedded | uc-tcp-ip | — | — |
| weston_embedded | uc-tcp-ip | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code execution
blogs_talos·2024-02-28·CVSS 7.8
[HIGH] Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code execution
## Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code execution
Cisco Talos has disclosed more than 30 vulnerabilities in February, including seven in Adobe Acrobat Reader, one of the most popular PDF editing and reading software currently available.
Adversaries could exploit these vulnerabilities to trigger the reuse of a previously freed object, thus causing memory corruption and potentially arbitrary code execution on the targeted machine.
Other potential code execution vulnerabilities are also present in Weston Embedded µC/HTTP-server, a web server component in Weston Embedded's in-house operating system and an open-source library that processes several types of potentially sensitive medical tests.
For Snort coverage that can detect the exploitation of these
Talos
Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code execution
blogs_talos·2024-02-28·CVSS 7.8
[HIGH] Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code execution
Cisco Talos has disclosed more than 30 vulnerabilities in February, including seven in Adobe Acrobat Reader, one of the most popular PDF editing and reading software currently available.
Adversaries could exploit these vulnerabilities to trigger the reuse of a previously freed object, thus causing memory corruption and potentially arbitrary code execution on the targeted machine.
Other potential code execution vulnerabilities are also present in Weston Embedded µC/HTTP-server, a web server component in Weston Embedded's in-house operating system and an open-source library that processes several types of potentially sensitive medical tests.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerabil
2024-02-20
Published