Ti

Simplelink Cc32xx Software Development Kit

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-27502

  • EPSS 0.06%
  • Published 21.11.2023 18:15:07
  • Last modified 21.11.2024 05:58:07

Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in co...

7.8

CVE-2021-27504

  • EPSS 0.12%
  • Published 21.11.2023 18:15:07
  • Last modified 21.11.2024 05:58:07

Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution.

7.8

CVE-2021-22636

  • EPSS 0.04%
  • Published 20.11.2023 19:15:08
  • Last modified 21.11.2024 05:50:21

Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result i...

7.8

CVE-2021-27429

  • EPSS 0.04%
  • Published 20.11.2023 19:15:08
  • Last modified 21.11.2024 05:57:58

Texas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values. This can trigger an integer overflow vulnerability in 'HeapTrack_alloc' and result in code execution.

5.3

CVE-2021-21966

Exploit
  • EPSS 2.02%
  • Published 16.02.2022 17:15:10
  • Last modified 21.11.2024 05:49:20

An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP r...

7.8

CVE-2021-22677

  • EPSS 0.06%
  • Published 07.05.2021 16:15:08
  • Last modified 21.11.2024 05:50:27

An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network may lead to issues such as a denial-of-service condition or code execution on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30...

9.8

CVE-2021-22671

  • EPSS 0.7%
  • Published 07.05.2021 14:15:07
  • Last modified 21.11.2024 05:50:26

Multiple integer overflow issues exist while processing long domain names, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK versions prior ...

8

CVE-2021-22673

  • EPSS 0.74%
  • Published 07.05.2021 14:15:07
  • Last modified 21.11.2024 05:50:27

The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, C...

7.2

CVE-2021-22675

  • EPSS 0.77%
  • Published 07.05.2021 13:15:07
  • Last modified 21.11.2024 05:50:27

The affected product is vulnerable to integer overflow while parsing malformed over-the-air firmware update files, which may allow an attacker to remotely execute code on SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 a...

9.8

CVE-2021-22679

  • EPSS 0.7%
  • Published 07.05.2021 13:15:07
  • Last modified 21.11.2024 05:50:27

The affected product is vulnerable to an integer overflow while processing HTTP headers, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi (MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK v...