All the vulnerabilities related to siemens - simatic_rtu3000c
cve-2020-36475
Vulnerability from cvelistv5
Published
2021-08-23 00:00
Modified
2024-08-04 17:30
Severity ?
EPSS score ?
Summary
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:30:08.223Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "name": "[debian-lts-announce] 20211123 [SECURITY] [DLA 2826-1] mbedtls security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "name": "[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "name": "[debian-lts-announce] 20211123 [SECURITY] [DLA 2826-1] mbedtls security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "name": "[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-36475", "datePublished": "2021-08-23T00:00:00", "dateReserved": "2021-08-23T00:00:00", "dateUpdated": "2024-08-04T17:30:08.223Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-36478
Vulnerability from cvelistv5
Published
2021-08-23 00:00
Modified
2024-08-04 17:30
Severity ?
EPSS score ?
Summary
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:30:07.313Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ARMmbed/mbedtls/issues/3629" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "name": "[debian-lts-announce] 20211123 [SECURITY] [DLA 2826-1] mbedtls security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "name": "[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "url": "https://github.com/ARMmbed/mbedtls/issues/3629" }, { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "name": "[debian-lts-announce] 20211123 [SECURITY] [DLA 2826-1] mbedtls security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "name": "[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-36478", "datePublished": "2021-08-23T00:00:00", "dateReserved": "2021-08-23T00:00:00", "dateUpdated": "2024-08-04T17:30:07.313Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd (CVE-2020-36478)
Published
2021-08-23 02:15
Modified
2024-11-21 05:29
Severity: 7.5 HIGH (CVSS 3.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N, source nvd@nist.gov)
Summary
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.
References
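Impacted products (CPE match data; the SIMATIC RTU3000C-family firmware entries are listed without a version bound, so the Siemens advisory SSA-756638 referenced below is the place to confirm affected and fixed firmware versions)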
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1399656-491A-428C-B290-5303A59B7C0E", "versionEndExcluding": "2.7.18", "vulnerable": true }, { "criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DD8F7D9-7E6F-4C31-A38C-D4B246F713FF", "versionEndExcluding": "2.16.9", "versionStartIncluding": "2.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "57294BAA-C692-4C66-96E9-7B653E32D88C", "versionEndExcluding": "2.25.0", "versionStartIncluding": "2.17.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:logo\\!_cmr2020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE9FB0B2-71ED-4208-B908-1C78CB15E372", "versionEndExcluding": "2.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:logo\\!_cmr2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8E5F42B-63E3-4B2D-A03F-983F51EE0648", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:logo\\!_cmr2040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECD83A4C-DB7F-425C-882C-0DC809AD4A21", "versionEndExcluding": "2.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:logo\\!_cmr2040:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ED47A12-5637-40E2-BE39-B76B789C0DFD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3031c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "64954FA1-0F30-4D1D-8218-C3BA84C5AAF0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3031c:-:*:*:*:*:*:*:*", "matchCriteriaId": 
"48F0595C-286F-4EB1-8C25-D20FB92A95A0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3041c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0307A2DD-B616-4551-8C31-0B0EBE4A4B12", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3041c:-:*:*:*:*:*:*:*", "matchCriteriaId": "E57561E2-DC49-4D11-BBF1-40E7B14A6873", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3030c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "61C3C191-5CEE-46F7-9231-BD2E246130E1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3030c:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A66DD04-4C58-45D8-A8C5-6817B05DBA14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3000c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B3325EA-59B3-4BB6-923D-0D89CB8AAC25", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3000c:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2E902CE-D319-4FC9-BC9B-7D8DB83FAD9B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 
2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid." }, { "lang": "es", "value": "Se ha detectado un problema en Mbed TLS versiones anteriores a 2.25.0 (y versiones anteriores a 2.16.9 LTS y versiones anteriores a 2.7.18 LTS). Una entrada de par\u00e1metros de algoritmo NULL parece id\u00e9ntica a una matriz de REAL (tama\u00f1o cero) y, por tanto, el certificado es considerado v\u00e1lido. Sin embargo, si los par\u00e1metros no coinciden de ninguna manera, el certificado debe considerarse no v\u00e1lido." } ], "id": "CVE-2020-36478", "lastModified": "2024-11-21T05:29:38.247", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-23T02:15:07.097", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/issues/3629" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/issues/3629" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2020-36475)
Published
2021-08-23 02:15
Modified
2024-11-21 05:29
Severity: 7.5 HIGH (CVSS 3.1, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, source nvd@nist.gov)
Summary
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs.
References
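Impacted products (CPE match data; the SIMATIC RTU3000C-family firmware entries are listed without a version bound, so the Siemens advisory SSA-756638 referenced below is the place to confirm affected and fixed firmware versions)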
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1399656-491A-428C-B290-5303A59B7C0E", "versionEndExcluding": "2.7.18", "vulnerable": true }, { "criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DD8F7D9-7E6F-4C31-A38C-D4B246F713FF", "versionEndExcluding": "2.16.9", "versionStartIncluding": "2.8.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "57294BAA-C692-4C66-96E9-7B653E32D88C", "versionEndExcluding": "2.25.0", "versionStartIncluding": "2.17.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:logo\\!_cmr2020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE9FB0B2-71ED-4208-B908-1C78CB15E372", "versionEndExcluding": "2.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:logo\\!_cmr2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8E5F42B-63E3-4B2D-A03F-983F51EE0648", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:logo\\!_cmr2040_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECD83A4C-DB7F-425C-882C-0DC809AD4A21", "versionEndExcluding": "2.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:logo\\!_cmr2040:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ED47A12-5637-40E2-BE39-B76B789C0DFD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3031c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "64954FA1-0F30-4D1D-8218-C3BA84C5AAF0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3031c:-:*:*:*:*:*:*:*", "matchCriteriaId": 
"48F0595C-286F-4EB1-8C25-D20FB92A95A0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3041c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0307A2DD-B616-4551-8C31-0B0EBE4A4B12", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3041c:-:*:*:*:*:*:*:*", "matchCriteriaId": "E57561E2-DC49-4D11-BBF1-40E7B14A6873", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3030c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "61C3C191-5CEE-46F7-9231-BD2E246130E1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3030c:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A66DD04-4C58-45D8-A8C5-6817B05DBA14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simatic_rtu3000c_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B3325EA-59B3-4BB6-923D-0D89CB8AAC25", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simatic_rtu3000c:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2E902CE-D319-4FC9-BC9B-7D8DB83FAD9B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 
2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs." }, { "lang": "es", "value": "Se ha detectado un problema en Mbed TLS versiones anteriores a 2.25.0 (y versiones anteriores a 2.16.9 LTS y versiones anteriores a 2.7.18 LTS). Los c\u00e1lculos llevado a cabo por la funci\u00f3n mbedtls_mpi_exp_mod no est\u00e1n limitados; por lo tanto, el suministro de par\u00e1metros demasiado grandes podr\u00eda conllevar a una denegaci\u00f3n de servicio cuando se generan pares de claves Diffie-Hellman." } ], "id": "CVE-2020-36475", "lastModified": "2024-11-21T05:29:37.603", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-08-23T02:15:06.930", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "source": 
"cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-131" } ], "source": "nvd@nist.gov", "type": "Primary" 
} ] }