1. Home
  2. CVE Database
  3. CVE-2023-48693
HIGH · 8.7

CVE-2023-48693

Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to vulnerability in para...

Vulnerability Description

Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to vulnerability in parameter checking mechanism in Azure RTOS ThreadX, which may lead to privilege escalation. The affected components include RTOS ThreadX v6.2.1 and below. The fixes have been included in ThreadX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS Score

8.7

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
LOW

Affected Products

VendorProductVersions
MicrosoftAzure Rtos Threadx< 6.3.0

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2023-48693?

CVE-2023-48693 is a vulnerability with a CVSS score of 8.7 (HIGH). Azure RTOS ThreadX is an advanced real-time operating system (RTOS) designed specifically for deeply embedded applications. An attacker can cause arbitrary read and write due to vulnerability in para...

How severe is CVE-2023-48693?

CVE-2023-48693 has been rated HIGH with a CVSS base score of 8.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-48693?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Azure Rtos Threadx.