Skip to main content

Azure Sphere CVE-2020-16981

MEDIUM
2020-11-11 secure@microsoft.com
6.1
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
6.1 MEDIUM
AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Physical
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 11, 2020 - 07:15 cve.org
MEDIUM 6.1

DescriptionCVE.org

Azure Sphere Elevation of Privilege Vulnerability

AnalysisAI

Azure Sphere Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.1).

Technical ContextAI

Affected products include: Microsoft Azure Sphere.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2021-27080 CRITICAL POC
9.3 Mar 11

Azure Sphere Unsigned Code Execution Vulnerability. Rated critical severity (CVSS 9.3), this vulnerability is no authent

CVE-2020-16970 HIGH POC
8.1 Nov 11

Azure Sphere Unsigned Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is no authenticat

CVE-2020-35608 HIGH POC
7.8 Dec 22

A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Spher

CVE-2020-16992 HIGH POC
7.5 Nov 11

Azure Sphere Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.5). Public exploit code available.

CVE-2020-16994 HIGH POC
7.3 Nov 11

Azure Sphere Unsigned Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authenticat

CVE-2020-16991 HIGH POC
7.3 Nov 11

Azure Sphere Unsigned Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authenticat

CVE-2021-27074 MEDIUM POC
6.2 Mar 11

Azure Sphere Unsigned Code Execution Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentic

CVE-2020-16986 MEDIUM POC
6.2 Nov 11

Azure Sphere Denial of Service Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentication

CVE-2020-16985 MEDIUM POC
6.2 Nov 11

Azure Sphere Information Disclosure Vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is no authentica

CVE-2020-16982 MEDIUM POC
6.1 Nov 11

Azure Sphere Unsigned Code Execution Vulnerability. Rated medium severity (CVSS 6.1). Public exploit code available.

CVE-2020-35609 MEDIUM POC
5.5 Dec 22

A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. Rated

CVE-2021-28460 HIGH
8.1 Apr 13

Azure Sphere Unsigned Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is no authenticat

Share

CVE-2020-16981 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy