{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T07:50:40.060","vulnerabilities":[{"cve":{"id":"CVE-2023-48691","sourceIdentifier":"security-advisories@github.com","published":"2023-12-05T01:15:07.747","lastModified":"2024-11-21T08:32:15.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause an out-of-bounds write in Azure RTOS NETX Duo, that could lead to remote code execution. The affected components include process related to IGMP protocol in RTOS v6.2.1 and below. The fix has been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."},{"lang":"es","value":"Azure RTOS NetX Duo es una pila de red TCP/IP diseñada específicamente para aplicaciones de IoT y en tiempo real profundamente integradas. Un atacante puede provocar una escritura fuera de los límites en Azure RTOS NETX Duo, lo que podría provocar la ejecución remota de código. Los componentes afectados incluyen procesos relacionados con el protocolo IGMP en RTOS v6.2.1 y versiones anteriores. La solución se incluyó en la versión 6.3.0 de NetX Duo. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:azure_rtos_netx_duo:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.0","matchCriteriaId":"401B08CC-CEC4-458C-B00D-5083B8DDC38A"}]}]}],"references":[{"url":"https://github.com/azure-rtos/netxduo/security/advisories/GHSA-fwmg-rj6g-w99p","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/azure-rtos/netxduo/security/advisories/GHSA-fwmg-rj6g-w99p","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}