An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.

Published : 2018-12-06 23:29 Updated : 2019-01-03 23:59

CVSS Score More info
Score 4.3 / 10
Vendor Product Version URI
Amazon Amazon Web Services Freertos 1.3.1 cpe:/a:amazon:amazon_web_services_freertos:1.3.1
Amazon Freertos 10.0.1 cpe:/a:amazon:freertos:10.0.1
  1. Amazon (2) Search CVE
    1. Amazon Web Services Freertos (1) Search CVE
      1. 1.3.1
    2. Freertos (1) Search CVE
      1. 10.0.1


ID Name Description Links
CWE-200 Information Exposure An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. CVE

History of changes

Date Event
2019-01-03 23:59
2018-12-06 23:29