Realtek.eCOS.SDK.CVE-2022-27255.Buffer.Overflow
Description
This indicates an attempt to exploit a Buffer Overflow Vulnerability in Realtek eCos devices.
The vulnerability is caused by an error when the vulnerable software handles a crafted SIP packet that contains malicious SDP data. A remote attacker can exploit this vulnerability by sending specially crafted SDP data to the target server. Successful exploitation can lead to Denial-of-Service and likely remote code execution.
Affected Products
Realtek eCos RSDK 1.5.7p1
Realtek eCos MSDK 4.9.4p1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-27255.pdf
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2022-10-13 | 22.413 | Default_action:pass:drop |
2022-09-15 | 22.395 | Sig Added |
2022-09-01 | 22.385 | Sig Added |