Microsoft Azure Sphere vulnerabilities
29 known vulnerabilities affecting microsoft/azure_sphere.
Total CVEs
29
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH8MEDIUM20LOW1
Vulnerabilities
Page 1 of 2
CVE-2022-35821MEDIUMCVSS 4.4≥ 20.00, < 22.072022-08-09
CVE-2022-35821 [MEDIUM] Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
cvelistv5
CVE-2021-41374MEDIUMCVSS 6.7≥ 20.00, < 22.072021-11-10
CVE-2021-41374 [MEDIUM] Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
cvelistv5
CVE-2021-42300MEDIUMCVSS 6.0≥ 20.00, < 22.072021-11-10
CVE-2021-42300 [MEDIUM] Azure Sphere Tampering Vulnerability
Azure Sphere Tampering Vulnerability
Azure Sphere Tampering Vulnerability
cvelistv5
CVE-2021-41375MEDIUMCVSS 4.4≥ 20.00, < 22.072021-11-10
CVE-2021-41375 [MEDIUM] Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
cvelistv5
CVE-2021-41376LOWCVSS 2.3≥ 20.00, < 22.072021-11-10
CVE-2021-41376 [LOW] Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
cvelistv5
CVE-2021-36956MEDIUMCVSS 4.4≥ 20.00, < 21.082021-09-15
CVE-2021-36956 [MEDIUM] Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
cvelistv5
CVE-2021-26429HIGHCVSS 7.7≥ 20.00, < 21.072021-08-12
CVE-2021-26429 [HIGH] Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere Elevation of Privilege Vulnerability
cvelistv5
CVE-2021-26428MEDIUMCVSS 4.4≥ 20.00, < 21.072021-08-12
CVE-2021-26428 [MEDIUM] Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
cvelistv5
CVE-2021-26430MEDIUMCVSS 6.0≥ 20.00, < 21.072021-08-12
CVE-2021-26430 [MEDIUM] Azure Sphere Denial of Service Vulnerability
Azure Sphere Denial of Service Vulnerability
Azure Sphere Denial of Service Vulnerability
cvelistv5
CVE-2021-28460HIGHCVSS 7.8vN/A2021-04-13
CVE-2021-28460 [HIGH] CVE-2021-28460: Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere Unsigned Code Execution Vulnerability
cvelistv5nvd
CVE-2021-27080HIGHCVSS 8.8vN/A2021-03-11
CVE-2021-27080 [CRITICAL] CVE-2021-27080: Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere Unsigned Code Execution Vulnerability
cvelistv5nvd
CVE-2021-27074MEDIUMCVSS 5.5vN/A2021-03-11
CVE-2021-27074 [MEDIUM] CVE-2021-27074: Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere Unsigned Code Execution Vulnerability
cvelistv5nvd
CVE-2020-35608HIGHCVSS 7.8v20.072020-12-22
CVE-2020-35608 [HIGH] CWE-74 CVE-2020-35608: A code execution vulnerability exists in the normal world’s signed code execution functionality of M
A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerabil
nvd
CVE-2020-35609MEDIUMCVSS 5.5v20.052020-12-22
CVE-2020-35609 [MEDIUM] CWE-835 CVE-2020-35609: A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure
A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.
nvd
CVE-2020-16970HIGHCVSS 8.8fixed in 20.07≥ 20.00, < publication2020-11-11
CVE-2020-16970 [HIGH] CWE-415 CVE-2020-16970: Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere Unsigned Code Execution Vulnerability
cvelistv5nvd
CVE-2020-16987HIGHCVSS 7.8fixed in 20.08≥ 20.00, < publication2020-11-11
CVE-2020-16987 [HIGH] CVE-2020-16987: Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere Unsigned Code Execution Vulnerability
cvelistv5nvd
CVE-2020-16984HIGHCVSS 7.8fixed in 20.08≥ 20.00, < publication2020-11-11
CVE-2020-16984 [HIGH] CVE-2020-16984: Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere Unsigned Code Execution Vulnerability
cvelistv5nvd
CVE-2020-16992HIGHCVSS 7.5≥ 20.00, < publication2020-11-11
CVE-2020-16992 [HIGH] Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere Elevation of Privilege Vulnerability
cvelistv5
CVE-2020-16990MEDIUMCVSS 6.2≥ 20.00, < publication2020-11-11
CVE-2020-16990 [MEDIUM] Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
Azure Sphere Information Disclosure Vulnerability
cvelistv5
CVE-2020-16991MEDIUMCVSS 5.5fixed in 20.07≥ 20.00, < publication2020-11-11
CVE-2020-16991 [HIGH] CVE-2020-16991: Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere Unsigned Code Execution Vulnerability
cvelistv5nvd
1 / 2Next →