Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-48981

EPSS 0.29% · P53
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-48981

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does not drop packets with invalid identifiers but also does not set a safe default for the length of unknown packets' headers, leading to a buffer overflow. This can be leveraged into an arbitrary write by an attacker. It is possible to overwrite the pointer to a not-yet-allocated buffer that is supposed to receive the contents of the packet body. One can then overwrite the state variable used by the function to determine which state of packet parsing is currently occurring. Because the buffer is allocated when the last byte of the header has been copied, the combination of having a bad header length variable that will never match the counter variable and being able to overwrite the state variable with the resulting buffer overflow can be used to advance the function to the next step while skipping the buffer allocation and resulting pointer write. The next 16 bytes from the packet body are then written wherever the corrupted data pointer is pointing.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ARM Mbed OS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ARM Mbed OS是英国ARM公司的一套专用于物联网的开源嵌入式操作系统。 ARM Mbed OS 6.16.0版本存在安全漏洞,该漏洞源于在处理HCI数据包时,软件动态确定数据包头部长度的方式存在缺陷,导致未对无效标识符的数据包进行丢弃,也没有为未知数据包头部设置安全默认长度,从而引起缓冲区溢出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2024-48981

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-48981

登录查看更多情报信息。

Same Patch Batch · n/a · 2024-11-20 · 40 CVEs total

CVE-2024-114923.5 LOW115cms appurladd.html cross site scripting
CVE-2024-114913.5 LOW115cms useradmin.html cross site scripting
CVE-2024-114903.5 LOW115cms set.html cross site scripting
CVE-2024-114893.5 LOW115cms file.html cross site scripting
CVE-2024-114883.5 LOW115cms web_user.html cross site scripting
CVE-2024-114933.5 LOW115cms pageAE.html cross site scripting
CVE-2024-48530eSoft Planner 安全漏洞
CVE-2024-52770DedeBIZ 安全漏洞
CVE-2024-48983ARM Mbed OS 安全漏洞
CVE-2024-48531eSoft Planner 安全漏洞
CVE-2024-33439KASDA KW5515 安全漏洞
CVE-2024-52725SEMCMS 安全漏洞
CVE-2024-52765H3C GR-1800AX 安全漏洞
CVE-2024-52771DedeBIZ 安全漏洞
CVE-2024-52754D-Link DI-8400 安全漏洞
CVE-2024-52677HkCms 安全漏洞
CVE-2024-52702MyBB 安全漏洞
CVE-2024-52769DedeBIZ 安全漏洞
CVE-2024-52701Piwigo 安全漏洞
CVE-2024-52757D-Link DI-8400 安全漏洞

Showing top 20 of 40 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2024-48981

No comments yet

Leave a comment