CVE-2018-16528

Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attackers to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.

Published : 2018-12-06 23:29 Updated : 2019-02-01 17:22

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
Amazon Amazon Web Services Freertos 1.3.1 cpe:/a:amazon:amazon_web_services_freertos:1.3.1
  1. Amazon (1) Search CVE
    1. Amazon Web Services Freertos (1) Search CVE
      1. 1.3.1

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes