CVE-2018-8531
Summary
| CVE | CVE-2018-8531 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-10-10 13:29:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT Edge. |
Risk And Classification
Problem Types: CWE-787
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Azure Internet Of Things Edge | - | All | All | All |
| Application | Microsoft | Azure Internet Of Things Edge | - | All | All | All |
| Application | Microsoft | Csharp Software Development Kit | All | All | All | All |
| Application | Microsoft | Csharp Software Development Kit | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8531 | CONFIRM | portal.msrc.microsoft.com | Patch, Vendor Advisory |
| Microsoft Azure IoT Device Client SDK CVE-2018-8531 Remote Memory Corruption Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.