CVE-2024-45064

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-45064
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-45064
Published
2025-04-02T14:15:43.157Z
Modified
2026-01-09T19:15:34.770189Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

References

Affected packages

Git
github.com/stmicroelectronics/x-cube-azrtos-f4

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-f4
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2375136d1a1946b7303a02d2fe1958399358c5f6
Last affected
c2a47c7747c0f6267729bf690dbeee2d0ac1cc0c

Affected versions

v1.*
v1.0.0
v1.0.1
v1.1.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-f7

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-f7
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
56f1f43de78553fbab6a48f02f00a5ed3cf7eba5
Last affected
de4e8cdb81a32552e8b02f7917c9b772f50c6999

Affected versions

v1.*
v1.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-g0

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-g0
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2b77e6fa7dd42cd60a959cff12abc8c3055dc543
Last affected
468d2c42a6fcedec0ca5b61c56211297f903f72e

Affected versions

v1.*
v1.0.0
v1.1.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-g4

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-g4
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
20a91a2e6f37b58bb424946535c7ac9111481128
Last affected
f9e9167a29157c9b8967f1a0f0a716f26608616c

Affected versions

v1.*
v1.0.0
v2.*
v2.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-h7

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-h7
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3e4c2f475bd18eaaec0c74b2719c9e9e19f7d66e
Last affected
7d082569e96865222c2fad4b22fe7eadf5ef6250
Last affected
96038b79833acbdb5bf92fac8bb0c0d45a5464b6
Last affected
e2c04f88a70c957dd1f424ca23ba93683dc3d85e

Affected versions

v1.*
v1.0.0
v1.0.0rc1
v1.0.1
v1.1.0
v2.*
v2.0.0
v2.0.1
v2.1.0
v3.*
v3.0.0
v3.1.0
v3.2.0
v3.3.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-l4

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-l4
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5b2b3afd5c6f5a2f542fb509dbd9880be45986fc
Last affected
821f884de9a2bcb47ce96dd459d3d6da74320aa5

Affected versions

v1.*
v1.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-l5

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-l5
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5dfacd3bc4b7c1ab7e3ccb616342533359c46d95
Last affected
65d6e4c05b365452f07c134acee5cc936c41bbef
Last affected
9f66d76eab6f42d5c73ec86c484fdbff4d0c3fc9

Affected versions

v1.*
v1.0.0
v1.1.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-wb

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-wb
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a5cc458e6529a8751255c01cb877d4db0033236a
Last affected
c20cbfa327981661c39d1f85bb00ccfd80d2428e
Last affected
c588113959d4e8d9b24b5cfeabd17651a15b4339

Affected versions

v1.*
v1.0.0
v1.1.0
v2.*
v2.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"
github.com/stmicroelectronics/x-cube-azrtos-wl

Affected ranges

Type
GIT
Repo
https://github.com/stmicroelectronics/x-cube-azrtos-wl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b0bca52b6e41bd42eee24e5a5843e1d9b1c56548
Last affected
c6c71ec513c28ce0a09fd2396bc7301e9028a2c1

Affected versions

v1.*
v1.0.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45064.json"