Security Advisory

CVE-2020-10071

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-05 17:37:37

Last updated 2024-09-17 04:19:36

Assigner zephyr

State PUBLISHED

Description

The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.

← Browse all CVEs View on cve.org ↗