Vulnerability Spotlight: Arm Mbedtls X509 Ecdsa Invalid Public Key Code Execution Vulnerability

SERVERS

Vulnerability Discovered byAleksandar Nikolic

Overview

Talos is disclosing TALOS-2017-0274/CVE-2017-2784, a code execution vulnerability in ARM MbedTLS. This vulnerability is specifically related to how MbedTLS handles x509 certificates. MbedTLS is an SSL/TLS implementation aimed specifically at embedded devices that was previously known as PolarSSL.

The vulnerability exists in the part of the code responsible for handling elliptic curve cryptography keys. An attacker can trigger this vulnerability by providing a specially crafted x509 certificate to the target which performs a series of checks on the certificate. While performing these checks the application fails to properly parse the public key. This results in the invalid free of a stack pointer. There is a mitigating factor associated with this vulnerability in that the memory space that is pointed to is zeroed out shortly before the vulnerability is triggered. However, since it's designed to be used in embedded platforms that may not have modern heap exploitation mitigations in place it may be possible to achieve code execution in certain circumstances. Full details of the vulnerability are available in ouradvisory.

Cisco Price, Dell Price, Huawei Price, ZTE HPE Fortinet Switch Router Server At Low Price

SERVERS

HOT NEWS

Huawei Switches Visio Stencils

Huawei Switches Distributor in UAE

PoE vs PoE+ vs UPoE: What's the best switch to meet your network needs?

Understanding PoE Standards and Wattage

Power Supply Standards for POE Switches. Why is the Power Supply Distance Limited to 100 Meters?

How to Choose the Right 10G SFP+ Module: SR, LR, or LRM?

Huawei Switches: Comprehensive Guide and Insights

How Does Cisco Wireless Network Work?

How Do I Connect to a Cisco Wireless Router?

Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide

Cisco Access Point and Wireless Controller Selector

Compare Cisco Wireless Architectures and AP Modes

Cisco Wireless Architectures and AP Modes

Joining Process of an Cisco Access Point

Cisco Wireless AP Datasheet

Cisco Wireless AP and Controllers: A Comprehensive Guide to Efficient Networking

Cisco Aironet 3700 Series Access Points Datasheet

Cisco Wireless AP License: Unlocking the Power of Cisco DNA Software for Wireless Networks

Set up a Wireless Network using a Wireless Access Point (WAP)

Cisco Wireless Access Point (AP) Modes Explained

Cisco Wireless AP Comparison: A Comprehensive Guide to Finding the Right Solution for Your Network Needs

Cisco Business Wireless Startup LED Status Codes

Regulatory Compliance (Rest of the World) for Domain Reduction

Getting Started with the Cisco Catalyst Wireless Mobile Application

Cisco Wireless AP Models

Cisco Wireless Access Points: Future-Proofing Connectivity for the Modern Workplace

Cisco 9300 Stacking Configuration Guide Book

Best Practices for Cisco Catalyst 9300 Switches

Cisco 9300 Switches Dimensions

Cisco Catalyst IE9300 Rugged Series Data Sheet

Vulnerability Spotlight: ARM Mbedtls x509 ECDSA invalid public key Code Execution Vulnerability

Overview

Hot Tags :

Ordering Guide

Resources

About Us