Insufficient Argument Validation in Kscan Subsystem Allows Privilege Escalation
CVE-2020-10058 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions.
Learn more about our User Device Pen Test.