Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk
Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk
23 September 2024
A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution.
The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a stack-based overflow vulnerability in ASF's implementation of the tinydhcp server stemming from a lack of