A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.
5.6CVSS
5.5AI Score
0.001EPSS
A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT Edge.
8.8CVSS
8.8AI Score
0.146EPSS
7CVSS
7.1AI Score
0.0005EPSS