IoT devices utilizing Microsoft’s uAMQP C library for Azure Cloud Services communication may be susceptible to RCE due to a critical vulnerability, CVE-2024-27099, with a CVSS score of 9.8. The flaw arises from a “double free” memory error, potentially exploitable by remote attackers without user interaction. The issue, resolved by a commit on Feb. 9, doesn’t affect the Python uAMQP library.