CVE-2018-8531

CVE Database · CVE-2018-8531

CVE-2018-8531

· N/AModified

CVSS v3.1

N/A

EPSS

15.19%

Published

Oct 10, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT Edge.

Weaknesses (CWE)

CWE-787

Affected Products (2)

microsoft · azure_internet_of_things_edgevulnerable

microsoft · csharp_software_development_kitvulnerable

References (4)

http://www.securityfocus.com/bid/105472

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8531

PatchVendor Advisory

http://www.securityfocus.com/bid/105472

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8531

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs