Action not permitted
Modal body text goes here.
CVE-2020-17437
Vulnerability from cvelistv5
Published
2020-12-11 22:24
Modified
2024-08-04 13:53
Severity ?
EPSS score ?
Summary
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf | Patch, Third Party Advisory | |
| cve@mitre.org | https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | https://www.kb.cert.org/vuls/id/815128 | Third Party Advisory, US Government Resource |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:53:17.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-09T14:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/815128",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-17437",
"datePublished": "2020-12-11T22:24:38",
"dateReserved": "2020-08-07T00:00:00",
"dateUpdated": "2024-08-04T13:53:17.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-17437\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-12-11T23:15:12.683\",\"lastModified\":\"2022-08-08T14:57:57.177\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un problema en uIP versi\u00f3n 1.0, como es usado en Contiki versi\u00f3n 3.0 y otros productos.\u0026#xa0;Cuando el flag Urgent es ajustado en un paquete TCP, y la pila est\u00e1 configurada para ignorar los datos urgentes, la pila intenta usar el valor de los bytes del puntero Urgent para separar los datos Urgent de los datos normales, al calcular el desplazamiento en el que los datos normales deben estar presentes en el b\u00fafer global.\u0026#xa0;Sin embargo, no se comprueba la longitud de este desplazamiento;\u0026#xa0;por lo tanto, para valores grandes de bytes de puntero Urgent, el puntero de datos puede apuntar a la memoria que est\u00e1 mucho m\u00e1s all\u00e1 del b\u00fafer de datos en la funci\u00f3n uip_process en el archivo uip.c\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.4},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:uip_project:uip:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0\",\"matchCriteriaId\":\"98518C5F-7D0A-4B03-A062-651E613A01BE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:contiki-os:contiki:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0\",\"matchCriteriaId\":\"EBD2BE71-F851-4136-816D-EF61154FD2C4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:open-iscsi_project:open-iscsi:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.1.7\",\"matchCriteriaId\":\"81144F12-C2BC-4789-A010-E437BD1C2833\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_3va_com100_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.4.1\",\"matchCriteriaId\":\"507AAF60-4AFE-4D80-A698-13BD5818CAE7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_3va_com100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C308EF6-7893-44EF-978E-9019B0060911\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_3va_com800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.4.1\",\"matchCriteriaId\":\"08B3AAE7-AAC6-4ECC-9338-AC8841336C59\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_3va_com800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CECE258-D12A-4483-AF4B-A63FAD08A767\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_3va_dsp800_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.0\",\"matchCriteriaId\":\"2433BD7C-53EC-421E-A64F-B21F2C6A971E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_3va_dsp800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08FA1D28-4B29-4318-B377-737A7F1CDF77\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_pac2200_clp_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21817081-5AE8-4097-B835-BBDE1E7FC798\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_pac2200_clp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DDE73C-D684-4987-B124-DD10E185459D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_pac2200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.2\",\"matchCriteriaId\":\"7A45625A-B498-4805-9B69-50099B7C96D2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_pac2200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D86E3742-4BCD-4425-B7C8-5C0311AEBDCE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_pac3200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.7\",\"matchCriteriaId\":\"92EDAF30-8EC2-4C76-BD27-6C6084B9CA03\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_pac3200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"624451C4-149D-4FEE-B2FB-020574F03231\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_pac3200t_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.2\",\"matchCriteriaId\":\"AA4C0536-25FF-4A46-99D3-C40063EB5F93\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_pac3200t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11CE5687-8EEA-407F-BCE4-D1E6301F910C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_pac3220_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2.0\",\"matchCriteriaId\":\"9E106502-8480-496D-90BC-D2B5EADFC91C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_pac3220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"342EBD90-D831-4D99-97CA-13B8399EAD53\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:sentron_pac4200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.0\",\"matchCriteriaId\":\"E46CC95C-7941-4B23-A0E9-79AB18A6E9C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:sentron_pac4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48B5DE2-25BF-44A1-BB12-A734DD4A9560\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/815128\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
ghsa-cfgh-w4j7-hfhp
Vulnerability from github
Published
2022-05-24 17:36
Modified
2022-08-07 00:00
Severity ?
Details
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.
{
"affected": [],
"aliases": [
"CVE-2020-17437"
],
"database_specific": {
"cwe_ids": [
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-11T23:15:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.",
"id": "GHSA-cfgh-w4j7-hfhp",
"modified": "2022-08-07T00:00:29Z",
"published": "2022-05-24T17:36:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-17437"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/815128"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2020-17437
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-17437",
"description": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.",
"id": "GSD-2020-17437",
"references": [
"https://www.suse.com/security/cve/CVE-2020-17437.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-17437"
],
"details": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.",
"id": "GSD-2020-17437",
"modified": "2023-12-13T01:21:49.827350Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.kb.cert.org/vuls/id/815128",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:uip_project:uip:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:contiki-os:contiki:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:open-iscsi_project:open-iscsi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.1.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3va_com100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3va_com100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3va_com800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3va_com800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3va_dsp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3va_dsp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac2200_clp_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac2200_clp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac2200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac3200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac3200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac3200t_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac3200t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac3220_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac3220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac4200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-17437"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"name": "https://www.kb.cert.org/vuls/id/815128",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
},
"lastModifiedDate": "2022-08-08T14:57Z",
"publishedDate": "2020-12-11T23:15Z"
}
}
}
var-202012-0245
Vulnerability from variot
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c. Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33.CVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not AffectedCVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not Affected. Multiple Embedded TCP/IP is an efficient embedded stack developed using a verifiable process and strictly compliant with MISRA coding standards. ========================================================================= Ubuntu Security Notice USN-6259-1 July 27, 2023
open-iscsi vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in Open-iSCSI.
Software Description: - open-iscsi: Open Source iSCSI implementation
Details:
Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-13987)
Jos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that Open-iSCSI incorrectly handled certain parsing TCP MSS options. An attacker could possibly use this issue to cause a crash or cause unexpected behavior. (CVE-2020-13988)
Amine Amri and Stanislav Dashevskyi discovered that Open-iSCSI incorrectly handled certain TCP data. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-17437)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04 LTS: open-iscsi 2.0.874-7.1ubuntu6.4
Ubuntu 18.04 LTS (Available with Ubuntu Pro): open-iscsi 2.0.874-5ubuntu2.11+esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro): open-iscsi 2.0.873+git0.3b4b4500-14ubuntu3.7+esm1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6259-1 CVE-2020-13987, CVE-2020-13988, CVE-2020-17437
Package Information: https://launchpad.net/ubuntu/+source/open-iscsi/2.0.874-7.1ubuntu6.4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-0245",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "uip",
"scope": "lte",
"trust": 1.0,
"vendor": "uip",
"version": "1.0"
},
{
"model": "sentron pac3220",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2.0"
},
{
"model": "sentron pac2200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2.2"
},
{
"model": "sentron pac4200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3.0"
},
{
"model": "sentron pac3200",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.4.7"
},
{
"model": "sentron pac3200t",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2.2"
},
{
"model": "sentron 3va com800",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4.1"
},
{
"model": "open-iscsi",
"scope": "lte",
"trust": 1.0,
"vendor": "open iscsi",
"version": "2.1.7"
},
{
"model": "sentron pac2200 clp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sentron 3va dsp800",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "sentron 3va com100",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4.1"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-17437"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:uip_project:uip:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:contiki-os:contiki:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0",
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:open-iscsi_project:open-iscsi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.1.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3va_com100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3va_com100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3va_com800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3va_com800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_3va_dsp800_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_3va_dsp800:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac2200_clp_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac2200_clp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac2200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac2200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac3200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac3200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac3200t_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac3200t:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac3220_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac3220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sentron_pac4200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sentron_pac4200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-17437"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This document was written by Vijay Sarvepalli.Statement Date:\u00a0\u00a0 December 08, 2020",
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
}
],
"trust": 0.8
},
"cve": "CVE-2020-17437",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-17437",
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-17437",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-664",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-17437",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"db": "NVD",
"id": "CVE-2020-17437"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c. Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33.CVE-2020-13984 Not Affected\nCVE-2020-13985 Affected\nCVE-2020-13986 Affected\nCVE-2020-13987 Affected\nCVE-2020-13988 Affected\nCVE-2020-17437 Affected\nCVE-2020-17438 Affected\nCVE-2020-17439 Affected\nCVE-2020-17440 Affected\nCVE-2020-17441 Not Affected\nCVE-2020-17442 Not Affected\nCVE-2020-17443 Not Affected\nCVE-2020-17444 Not Affected\nCVE-2020-17445 Not Affected\nCVE-2020-17467 Not Affected\nCVE-2020-17468 Not Affected\nCVE-2020-17469 Not Affected\nCVE-2020-17470 Not Affected\nCVE-2020-24334 Affected\nCVE-2020-24335 Not Affected\nCVE-2020-24336 Affected\nCVE-2020-24337 Not Affected\nCVE-2020-24338 Not Affected\nCVE-2020-24339 Not Affected\nCVE-2020-24340 Not Affected\nCVE-2020-24341 Not Affected\nCVE-2020-24383 Not Affected\nCVE-2020-25107 Not Affected\nCVE-2020-25108 Not Affected\nCVE-2020-25109 Not Affected\nCVE-2020-25110 Not Affected\nCVE-2020-25111 Not Affected\nCVE-2020-25112 Not Affected\nCVE-2021-28362 Not AffectedCVE-2020-13984 Not Affected\nCVE-2020-13985 Affected\nCVE-2020-13986 Affected\nCVE-2020-13987 Affected\nCVE-2020-13988 Affected\nCVE-2020-17437 Affected\nCVE-2020-17438 Affected\nCVE-2020-17439 Affected\nCVE-2020-17440 Affected\nCVE-2020-17441 Not Affected\nCVE-2020-17442 Not Affected\nCVE-2020-17443 Not Affected\nCVE-2020-17444 Not Affected\nCVE-2020-17445 Not Affected\nCVE-2020-17467 Not Affected\nCVE-2020-17468 Not Affected\nCVE-2020-17469 Not Affected\nCVE-2020-17470 Not Affected\nCVE-2020-24334 Affected\nCVE-2020-24335 Not Affected\nCVE-2020-24336 Affected\nCVE-2020-24337 Not Affected\nCVE-2020-24338 Not Affected\nCVE-2020-24339 Not Affected\nCVE-2020-24340 Not Affected\nCVE-2020-24341 Not Affected\nCVE-2020-24383 Not Affected\nCVE-2020-25107 Not Affected\nCVE-2020-25108 Not Affected\nCVE-2020-25109 Not Affected\nCVE-2020-25110 Not Affected\nCVE-2020-25111 Not Affected\nCVE-2020-25112 Not Affected\nCVE-2021-28362 Not Affected. Multiple Embedded TCP/IP is an efficient embedded stack developed using a verifiable process and strictly compliant with MISRA coding standards. =========================================================================\nUbuntu Security Notice USN-6259-1\nJuly 27, 2023\n\nopen-iscsi vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in Open-iSCSI. \n\nSoftware Description:\n- open-iscsi: Open Source iSCSI implementation\n\nDetails:\n\nJos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that\nOpen-iSCSI incorrectly handled certain checksums for IP packets. \nAn attacker could possibly use this issue to expose sensitive information. \n(CVE-2020-13987)\n\nJos Wetzels, Stanislav Dashevskyi, Amine Amri discovered that\nOpen-iSCSI incorrectly handled certain parsing TCP MSS options. \nAn attacker could possibly use this issue to cause a crash or cause\nunexpected behavior. (CVE-2020-13988)\n\nAmine Amri and Stanislav Dashevskyi discovered that Open-iSCSI\nincorrectly handled certain TCP data. An attacker could possibly\nuse this issue to expose sensitive information. (CVE-2020-17437)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.04 LTS:\n open-iscsi 2.0.874-7.1ubuntu6.4\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n open-iscsi 2.0.874-5ubuntu2.11+esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n open-iscsi 2.0.873+git0.3b4b4500-14ubuntu3.7+esm1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6259-1\n CVE-2020-13987, CVE-2020-13988, CVE-2020-17437\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/open-iscsi/2.0.874-7.1ubuntu6.4\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-17437"
},
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
},
{
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"db": "PACKETSTORM",
"id": "173799"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-17437",
"trust": 2.6
},
{
"db": "CERT/CC",
"id": "VU#815128",
"trust": 2.5
},
{
"db": "ICS CERT",
"id": "ICSA-20-343-01",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-541018",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-21-068-06",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.0767",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4143",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1235",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4363",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021122914",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202012-664",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-17437",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "173799",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"db": "PACKETSTORM",
"id": "173799"
},
{
"db": "NVD",
"id": "CVE-2020-17437"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
]
},
"id": "VAR-202012-0245",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2023-12-18T11:07:20.870000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "uIP-Contiki-OS and uIP Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=136802"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=6f577a90958bcf377827f0a4058f673f"
},
{
"title": "Brocade Security Advisories: Access Denied\nAccess Denied",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=54887b0d314c8021dc2d190abfce740d"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-17437"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"trust": 2.3,
"url": "https://www.kb.cert.org/vuls/id/815128"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
},
{
"trust": 0.8,
"url": "cve-2020-13984 "
},
{
"trust": 0.8,
"url": "cve-2020-13985 "
},
{
"trust": 0.8,
"url": "cve-2020-13986 "
},
{
"trust": 0.8,
"url": "cve-2020-13987 "
},
{
"trust": 0.8,
"url": "cve-2020-13988 "
},
{
"trust": 0.8,
"url": "cve-2020-17437 "
},
{
"trust": 0.8,
"url": "cve-2020-17438 "
},
{
"trust": 0.8,
"url": "cve-2020-17439 "
},
{
"trust": 0.8,
"url": "cve-2020-17440 "
},
{
"trust": 0.8,
"url": "cve-2020-17441 "
},
{
"trust": 0.8,
"url": "cve-2020-17442 "
},
{
"trust": 0.8,
"url": "cve-2020-17443 "
},
{
"trust": 0.8,
"url": "cve-2020-17444 "
},
{
"trust": 0.8,
"url": "cve-2020-17445 "
},
{
"trust": 0.8,
"url": "cve-2020-17467 "
},
{
"trust": 0.8,
"url": "cve-2020-17468 "
},
{
"trust": 0.8,
"url": "cve-2020-17469 "
},
{
"trust": 0.8,
"url": "cve-2020-17470 "
},
{
"trust": 0.8,
"url": "cve-2020-24334 "
},
{
"trust": 0.8,
"url": "cve-2020-24335 "
},
{
"trust": 0.8,
"url": "cve-2020-24336 "
},
{
"trust": 0.8,
"url": "cve-2020-24337 "
},
{
"trust": 0.8,
"url": "cve-2020-24338 "
},
{
"trust": 0.8,
"url": "cve-2020-24339 "
},
{
"trust": 0.8,
"url": "cve-2020-24340 "
},
{
"trust": 0.8,
"url": "cve-2020-24341 "
},
{
"trust": 0.8,
"url": "cve-2020-24383 "
},
{
"trust": 0.8,
"url": "cve-2020-25107 "
},
{
"trust": 0.8,
"url": "cve-2020-25108 "
},
{
"trust": 0.8,
"url": "cve-2020-25109 "
},
{
"trust": 0.8,
"url": "cve-2020-25110 "
},
{
"trust": 0.8,
"url": "cve-2020-25111 "
},
{
"trust": 0.8,
"url": "cve-2020-25112 "
},
{
"trust": 0.8,
"url": "cve-2021-28362 "
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-17437"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1235"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4143"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/uip-out-of-bounds-memory-reading-via-uip-process-34721"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021122914"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0767"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4363/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-06"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-068-06"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13988"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13987"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6259-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/open-iscsi/2.0.874-7.1ubuntu6.4"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"db": "PACKETSTORM",
"id": "173799"
},
{
"db": "NVD",
"id": "CVE-2020-17437"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#815128"
},
{
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"db": "PACKETSTORM",
"id": "173799"
},
{
"db": "NVD",
"id": "CVE-2020-17437"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-08T00:00:00",
"db": "CERT/CC",
"id": "VU#815128"
},
{
"date": "2020-12-11T00:00:00",
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"date": "2023-07-27T14:33:18",
"db": "PACKETSTORM",
"id": "173799"
},
{
"date": "2020-12-11T23:15:12.683000",
"db": "NVD",
"id": "CVE-2020-17437"
},
{
"date": "2020-12-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-11T00:00:00",
"db": "CERT/CC",
"id": "VU#815128"
},
{
"date": "2022-08-08T00:00:00",
"db": "VULMON",
"id": "CVE-2020-17437"
},
{
"date": "2022-08-08T14:57:57.177000",
"db": "NVD",
"id": "CVE-2020-17437"
},
{
"date": "2022-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Embedded TCP/IP stacks have memory corruption vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#815128"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-664"
}
],
"trust": 0.6
}
}
icsa-20-343-01
Vulnerability from csaf_cisa
Published
2020-12-08 00:00
Modified
2020-12-08 00:00
Summary
Multiple Embedded TCP/IP Stacks
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow attackers to corrupt memory, put devices into infinite loops, access unauthorized data, and/or poison DNS cache.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Various
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"names": [
"Daniel dos Santos",
"Stanislav Dashevskyi",
"Jos Wetzels",
"Amine Amri"
],
"organization": "Forescout Research Labs",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow attackers to corrupt memory, put devices into infinite loops, access unauthorized data, and/or poison DNS cache.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Various",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-20-343-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-343-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-20-343-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-343-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Multiple Embedded TCP/IP Stacks",
"tracking": {
"current_release_date": "2020-12-08T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-20-343-01",
"initial_release_date": "2020-12-08T00:00:00.000000Z",
"revision_history": [
{
"date": "2020-12-08T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-20-343-01 Multiple Embedded TCP-IP Stacks"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.0",
"product": {
"name": "uIP (EOL): Version 1.0 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "uIP (EOL)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 4.5",
"product": {
"name": "uIP-Contiki-NG: Version 4.5 and prior",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "uIP-Contiki-NG"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 5.1",
"product": {
"name": "Nut/Net: Version 5.1 and prior",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Nut/Net"
},
{
"branches": [
{
"category": "product_version",
"name": "4.6.3",
"product": {
"name": "FNET: Version 4.6.3",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "FNET"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 2.1.12",
"product": {
"name": "open-iscsi: Version 2.1.12 and prior",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "open-iscsi"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.7.0",
"product": {
"name": "picoTCP (EOL): Version 1.7.0 and prior",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "picoTCP (EOL)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 3.0",
"product": {
"name": "uIP-Contiki-OS (end-of-life [EOL]): Version 3.0 and prior",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "uIP-Contiki-OS (end-of-life [EOL])"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.7.0",
"product": {
"name": "picoTCP-NG: Version 1.7.0 and prior",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "picoTCP-NG"
}
],
"category": "vendor",
"name": "multiple open source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-13984",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The function used in uIP-Contiki-OS to process IPv6 extension headers and extension header options can be forced into an infinite loop state due to unchecked header/option lengths.CVE-2020-13984 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13984"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-13985",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "The function used in uIP-Contiki-OS to decapsulate RPL extension headers does not check for unsafe integer conversion when parsing the values provided in a header, allowing an attacker to corrupt memory.CVE-2020-13985 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13985"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-13986",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The function used in uIP-Contiki-OS to decapsulate RPL extension headers does not check the length value of an RPL extension header received, allowing an attacker to cause it to enter an infinite loop.CVE-2020-13986 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13986"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-13987",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in open-iscsi, uIP-Contiki-OS, and uIP that parses incoming transport layer packets (TCP/UDP) does not check the length fields of packet headers against the data available in the packets. Given arbitrary lengths, an out-of-bounds memory read may be performed during the checksum computation.CVE-2020-13987 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13987"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-13988",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "The function in open-iscsi, uIP-Contiki-OS, and uIP that parses the TCP MSS option does not check the validity of the length field of this option, allowing an attacker to force it into an infinite loop when arbitrary TCP MSS values are supplied.CVE-2020-13988 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13988"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17437",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "When handling TCP urgent data in open-iscsi, uIP-Contiki-OS, and uIP, there are no sanity checks for the value of the urgent data pointer, allowing an attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets.CVE-2020-17437 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17437"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17438",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The function in open-iscsi and uIP that reassembles fragmented packets does not validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. This could lead to memory corruption.CVE-2020-17438 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17438"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17439",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Incoming DNS replies in uIP are parsed by the DNS client even if there were no outgoing queries. The DNS transaction ID is not sufficiently random. Provided that the DNS cache is quite small (four entries), this facilitates DNS cache poisoning attacks.CVE-2020-17439 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17439"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17440",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "summary",
"text": "When parsing incoming DNS packets in uIP-Contiki-NG, uIP-Contiki-OS, and uIP, there are no checks whether domain names are null-terminated. This allows an attacker to achieve memory corruption with crafted DNS responses.CVE-2020-17440 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17440"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17441",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In picoTCP-NG and picoTCP the payload length field of IPv6 extension headers are not checked against the data available in incoming packets, allowing an attacker to corrupt memory.CVE-2020-17441 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17441"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17442",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "The function in picoTCP-NG and picoTCP that processes the hop-by-hop extension header in IPv6 packets and its options lacks any checks against the length field of the header, allowing an attacker to cause the function to enter an infinite loop by supplying arbitrary length values.CVE-2020-17442 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17442"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17443",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "When processing ICMPv6 echo requests in picoTCP-NG and picoTCP, there are no checks for whether the ICMPv6 header consists of at least 8 bytes (set by RFC443). This leads to the function that creates ICMPv6 echo replies based on a received request with a smaller header to corrupt memory.CVE-2020-17443 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17443"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17444",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "The function in picoTCP-NG and picoTCP that processes IPv6 headers does not check the lengths of extension header options, allowing an attacker to force this function into an infinite loop with crafted length values.CVE-2020-17444 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17444"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17445",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in picoTCP-NG and picoTCP that processes the IPv6 destination options extension header does not check the validity of its options lengths, allowing an attacker to corrupt memory and/or put the function into an infinite loop with crafted length values.CVE-2020-17445 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17445"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17467",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in FNET does not check whether domain names are null terminated when parsing Link-local Multicast Name Resolution (LLMNR) requests. This may allow an attacker to read out of bounds.CVE-2020-17467 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17467"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17468",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in FNET that processes the IPv6 hop-by-hop extension header does not check the validity of its options lengths, allowing an attacker to corrupt memory.CVE-2020-17468 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17468"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17469",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The IPv6 packet reassembly function in FNET does not check whether the received fragments are properly aligned in memory, allowing an attacker to perform memory corruption with crafted IPv6 fragmented packets.CVE-2020-17469 has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17469"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-17470",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The function in FNET that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they will be always set to 1), facilitating DNS cache poisoning attacks.CVE-2020-17470 has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17470"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24334",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in uIP-Contiki-NG, uIP-Contiki-OS, and uIP that processes DNS responses does not check whether the number of responses specified in the DNS packet header correspond to the response data available in the DNS packet, which may allow an attacker to corrupt memory.CVE-2020-24334 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24334"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24335",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in uIP-Contiki-NG, uIP-Contiki-OS, and uIP that parses domain names lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets.CVE-2020-24335 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24335"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24336",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in uIP-Contiki-NG and uIP-Contiki-OS for parsing DNS records in DNS response packets sent over NAT64 does not validate the length field of the response records, allowing an attacker to corrupt memory.CVE-2020-24336 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24336"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24337",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The function in picoTCP-NG and picoTCP that processes TCP options does not validate their lengths, allowing an attacker to put the function into an infinite loop with uncommon/unsupported TCP options that have crafted length values.CVE-2020-24337 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24337"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24338",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The function in picoTCP and picoTCP-NG that parses domain names lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets.CVE-2020-24338 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24338"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24339",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in picoTCP and picoTCP-NG that processes DNS responses does not check whether the number of responses specified in the DNS packet header correspond to the response data available in the DNS packet, allowing an attacker to perform memory corruption.CVE-2020-24339 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24339"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24340",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in picoTCP and picoTCP-NG that processes DNS responses does not check whether the number of responses specified in the DNS packet header correspond to the response data available in the DNS packet, allowing an attacker to perform memory corruption.CVE-2020-24340 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24340"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24341",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The TCP input data processing function in picoTCP-NG and picoTCP does not validate the length of incoming TCP packets, allowing an attacker to read out of bounds and perform memory corruption.CVE-2020-24341 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24341"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-24383",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "summary",
"text": "When parsing incoming DNS packets in FNET,there are no checks whether domain names are null-terminated. This may allow an attacker to achieve memory corruption and/or memory leak.CVE-2020-24383 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24383"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-25107",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in Nut/Net that processes DNS questions/responses has several issues: there is no check on whether a domain name is NULL-terminated; the DNS response data length is not checked (can be set to arbitrary value from a packet); the number of DNS queries/responses (set in DNS header) is not checked against the data present; the length byte of a domain name in a DNS query/response is not checked and is used for internal memory operations.CVE-2020-25107 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25107"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-25108",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The function in Nut/Net that processes DNS questions/responses has several issues: there is no check on whether a domain name is NULL-terminated; the DNS response data length is not checked (can be set to arbitrary value from a packet); the number of DNS queries/responses (set in DNS header) is not checked against the data present; the length byte of a domain name in a DNS query/response is not checked and is used for internal memory operations.CVE-2020-25108 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25108"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-25109",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in Nut/Net that processes DNS questions/responses has several issues: there is no check on whether a domain name is NULL-terminated; the DNS response data length is not checked (can be set to arbitrary value from a packet); the number of DNS queries/responses (set in DNS header) is not checked against the data present; the length byte of a domain name in a DNS query/response is not checked and is used for internal memory operations.CVE-2020-25109 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25109"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-25110",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The function in Nut/Net that processes DNS questions/responses has several issues: there is no check on whether a domain name is NULL-terminated; the DNS response data length is not checked (can be set to arbitrary value from a packet); the number of DNS queries/responses (set in DNS header) is not checked against the data present; the length byte of a domain name in a DNS query/response is not checked and is used for internal memory operations.CVE-2020-25110 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25110"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-25111",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The function in Nut/Net that processes DNS questions/responses has several issues: there is no check on whether a domain name is NULL-terminated; the DNS response data length is not checked (can be set to arbitrary value from a packet); the number of DNS queries/responses (set in DNS header) is not checked against the data present; the length byte of a domain name in a DNS query/response is not checked and is used for internal memory operations.CVE-2020-25111 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25111"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
},
{
"cve": "CVE-2020-25112",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Vulnerabilities in uIP-Contiki-OS (EOL) provide insufficient checks for the IPv4/IPv6 header length and inconsistent checks for the IPv6 header extension lengths, which may allow an attacker to corrupt memory.CVE-2020-25112 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25112"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Additional vendors affected by the reported vulnerabilities have also released security advisories related to their affected products. Those advisories are as follows:",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
],
"url": "https://yanzi.dev/#/security/advisories/2020-12-08"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008"
]
}
]
}
]
}
icsa-21-068-06
Vulnerability from csaf_cisa
Published
2021-03-09 00:00
Modified
2022-02-10 00:00
Summary
Siemens TCP/IP Stack Vulnerabilities-AMNESIA:33 in SENTRON PAC / 3VA Devices (Update C)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could cause a denial-of-service condition.
Critical infrastructure sectors
Energy
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"names": [
"Daniel dos Santos",
"Stanislav Dashevskyi",
"Jos Wetzels",
"Amine Amri"
],
"organization": "Forescout Research Labs",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could cause a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "external",
"summary": "SSA-541018: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SENTRON PAC / 3VA Devices (Part 2) - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-541018.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-06 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-068-06.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-06 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-06"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-541018: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SENTRON PAC / 3VA Devices (Part 2) - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
},
{
"category": "external",
"summary": "SSA-541018: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SENTRON PAC / 3VA Devices (Part 2) - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-541018.txt"
}
],
"title": "Siemens TCP/IP Stack Vulnerabilities-AMNESIA:33 in SENTRON PAC / 3VA Devices (Update C)",
"tracking": {
"current_release_date": "2022-02-10T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-068-06",
"initial_release_date": "2021-03-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-03-09T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-068-06 TCP-IP Stack Vulnerabilities\u2013AMNESIA:33 in SENTRON PAC 3VA Devices"
},
{
"date": "2021-05-11T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-21-068-06 Siemens TCP/IP Stack Vulnerabilities AMNESIA:33 in SENTRON PAC / 3VA Devices (Update A)"
},
{
"date": "2021-08-10T00:00:00.000000Z",
"legacy_version": "B",
"number": "3",
"summary": "ICSA-21-068-06 Siemens TCP/IP Stack Vulnerabilities AMNESIA:33 in SENTRON PAC / 3VA Devices (Update B)"
},
{
"date": "2022-02-10T00:00:00.000000Z",
"legacy_version": "C",
"number": "4",
"summary": "ICSA-21-068-06 Siemens TCP/IP Stack Vulnerabilities AMNESIA33 in SENTRON PAC 3VA Devices (Update C)"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V4.4.1",
"product": {
"name": "SENTRON 3VA COM100/800",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SENTRON 3VA COM100/800"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V4.0",
"product": {
"name": "SENTRON 3VA DSP800",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SENTRON 3VA DSP800"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SENTRON PAC2200 (with CLP Approval)",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "SENTRON PAC2200 (with CLP Approval)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.2.2",
"product": {
"name": "SENTRON PAC2200 (with MID Approval)",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "SENTRON PAC2200 (with MID Approval)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.2.2",
"product": {
"name": "SENTRON PAC2200 (without MID Approval)",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "SENTRON PAC2200 (without MID Approval)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V2.4.7",
"product": {
"name": "SENTRON PAC3200",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "SENTRON PAC3200"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.2.2",
"product": {
"name": "SENTRON PAC3200T",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "SENTRON PAC3200T"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V3.2.0",
"product": {
"name": "SENTRON PAC3220",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "SENTRON PAC3220"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V2.3.0",
"product": {
"name": "SENTRON PAC4200",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "SENTRON PAC4200"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-13987",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The TCP/IP stack (uIP) in affected devices is vulnerable to out-of-bounds read when calculating the checksum for IP packets. (FSCT-2020-0009)\n\nAn attacker located in the same network could trigger a Denial-of-Service condition on the device by sending a specially crafted IP packet.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0006",
"CSAFPID-0009"
]
},
"references": [
{
"summary": "CVE-2020-13987 - SENTRON 3VA COM100/800",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109765343/"
},
{
"summary": "CVE-2020-13987 - SENTRON PAC3200",
"url": "https://support.industry.siemens.com/cs/ww/en/view/31674577/"
},
{
"summary": "CVE-2020-13987 - SENTRON PAC4200",
"url": "https://support.industry.siemens.com/cs/ww/en/view/35029840/"
},
{
"summary": "CVE-2020-13987 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-13987.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13987"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.4.1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109765343/"
},
{
"category": "vendor_fix",
"details": "Update to V2.4.7 or later version",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/31674577/"
},
{
"category": "vendor_fix",
"details": "Update to V2.3.0 or later version",
"product_ids": [
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/35029840/"
},
{
"category": "mitigation",
"details": "For successful exploitation, an attacking system must be located in the same Modbus TCP segment as a vulnerable device. Therefore ensure that only trusted systems are attached to that segment and only trusted persons have access.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0006",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0006",
"CSAFPID-0009"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0006",
"CSAFPID-0009"
]
}
],
"title": "CVE-2020-13987"
},
{
"cve": "CVE-2020-17437",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The TCP/IP stack (uIP) in affected devices is vulnerable to out-of-bounds write when processing TCP packets with urgent pointer (URG) where the location of the TCP data payload is calculated improperly. (FSCT-2020-0018)\n\nAn attacker located in the same network could trigger a Denial-of-Service condition on the device by sending a specially crafted IP packet.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
"references": [
{
"summary": "CVE-2020-17437 - SENTRON 3VA COM100/800",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109765343/"
},
{
"summary": "CVE-2020-17437 - SENTRON 3VA DSP800",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109799046/"
},
{
"summary": "CVE-2020-17437 - SENTRON PAC2200 (without MID Approval)",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109760897/"
},
{
"summary": "CVE-2020-17437 - SENTRON PAC3200",
"url": "https://support.industry.siemens.com/cs/ww/en/view/31674577/"
},
{
"summary": "CVE-2020-17437 - SENTRON PAC3200T",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793060/"
},
{
"summary": "CVE-2020-17437 - SENTRON PAC3220",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109780938/"
},
{
"summary": "CVE-2020-17437 - SENTRON PAC4200",
"url": "https://support.industry.siemens.com/cs/ww/en/view/35029840/"
},
{
"summary": "CVE-2020-17437 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-17437.json"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17437"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V4.4.1 or later version",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109765343/"
},
{
"category": "vendor_fix",
"details": "Update to V4.0 or later version",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109799046/"
},
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0003"
]
},
{
"category": "vendor_fix",
"details": "MID-certified devices do not support firmware updates; V3.2.2 is contained in devices that are labeled as \"M22 MID\"",
"product_ids": [
"CSAFPID-0004"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.2.2 or later version",
"product_ids": [
"CSAFPID-0005"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109760897/"
},
{
"category": "vendor_fix",
"details": "Update to V2.4.7 or later version",
"product_ids": [
"CSAFPID-0006"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/31674577/"
},
{
"category": "vendor_fix",
"details": "Update to V3.2.2 or later version",
"product_ids": [
"CSAFPID-0007"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793060/"
},
{
"category": "vendor_fix",
"details": "Update to V3.2.0 or later version",
"product_ids": [
"CSAFPID-0008"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109780938/"
},
{
"category": "vendor_fix",
"details": "Update to V2.3.0 or later version",
"product_ids": [
"CSAFPID-0009"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/35029840/"
},
{
"category": "mitigation",
"details": "For successful exploitation, an attacking system must be located in the same Modbus TCP segment as a vulnerable device. Therefore ensure that only trusted systems are attached to that segment and only trusted persons have access.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
}
],
"title": "CVE-2020-17437"
}
]
}
wid-sec-w-2022-1044
Vulnerability from csaf_certbund
Published
2020-12-08 23:00
Modified
2023-07-27 22:00
Summary
TCP/IP Stack: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der TCP/IP-Stack bzw. die Internet Protocol Suite ist eine Reihe von Kommunikationsprotokollen, die vom Internet oder ähnlichen Netzwerken verwendet werden.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in TCP/IP Stack ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, einen Denial of Service Angriff durchzuführen, vertrauliche Daten einzusehen oder Daten zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der TCP/IP-Stack bzw. die Internet Protocol Suite ist eine Reihe von Kommunikationsprotokollen, die vom Internet oder \u00e4hnlichen Netzwerken verwendet werden.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in TCP/IP Stack ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, einen Denial of Service Angriff durchzuf\u00fchren, vertrauliche Daten einzusehen oder Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1044 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1044.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1044 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1044"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6259-1 vom 2023-07-27",
"url": "https://ubuntu.com/security/notices/USN-6259-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:1164-1 vom 2021-04-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-April/008619.html"
},
{
"category": "external",
"summary": "US ICS CERT Advisory ICSA-20-343-01 vom 2020-12-08",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01"
},
{
"category": "external",
"summary": "Pressemeldung des BSI vom 2020-12-08",
"url": "https://www.bsi.bund.de/DE/Presse/Kurzmeldungen/Meldungen/Amnesia_201208.html"
},
{
"category": "external",
"summary": "Unify Security Advisory Report OBSO-2101-01 vom 2021-01-08",
"url": "https://networks.unify.com/security/advisories/OBSO-2101-01.pdf"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:0663-1 vom 2021-03-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-March/008407.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2806-1 vom 2022-08-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011912.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2861-1 vom 2022-08-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011958.html"
}
],
"source_lang": "en-US",
"title": "TCP/IP Stack: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-07-27T22:00:00.000+00:00",
"generator": {
"date": "2024-02-15T16:55:36.942+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-1044",
"initial_release_date": "2020-12-08T23:00:00.000+00:00",
"revision_history": [
{
"date": "2020-12-08T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2020-12-14T23:00:00.000+00:00",
"number": "2",
"summary": "Schreibfehler korrigiert"
},
{
"date": "2021-01-10T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Unify aufgenommen"
},
{
"date": "2021-03-01T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-04-13T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-08-15T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-08-22T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-07-27T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source TCP/IP Stack",
"product": {
"name": "Open Source TCP/IP Stack",
"product_id": "T017866",
"product_identification_helper": {
"cpe": "cpe:/a:open_source:tcpip_stack:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "Unify OpenScape 4000",
"product": {
"name": "Unify OpenScape 4000",
"product_id": "T018011",
"product_identification_helper": {
"cpe": "cpe:/h:unify:openscape_4000:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Alarm Response",
"product": {
"name": "Unify OpenScape Alarm Response",
"product_id": "T018013",
"product_identification_helper": {
"cpe": "cpe:/h:unify:openscape_alarm_response:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Business",
"product": {
"name": "Unify OpenScape Business",
"product_id": "T018012",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_business:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Common Management Platform",
"product": {
"name": "Unify OpenScape Common Management Platform",
"product_id": "T018017",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_common_management_platform:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Cordless IP",
"product": {
"name": "Unify OpenScape Cordless IP",
"product_id": "T018016",
"product_identification_helper": {
"cpe": "cpe:/a:unify:openscape_cordless_ip:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Desk Phone",
"product": {
"name": "Unify OpenScape Desk Phone",
"product_id": "T018015",
"product_identification_helper": {
"cpe": "cpe:/h:unify:openscape_deskphone:-"
}
}
},
{
"category": "product_name",
"name": "Unify OpenScape Xpert",
"product": {
"name": "Unify OpenScape Xpert",
"product_id": "T018014",
"product_identification_helper": {
"cpe": "cpe:/h:unify:openscape_xpert:-"
}
}
}
],
"category": "vendor",
"name": "Unify"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-13984",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-13984"
},
{
"cve": "CVE-2020-13985",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-13985"
},
{
"cve": "CVE-2020-13986",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-13986"
},
{
"cve": "CVE-2020-13987",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-13987"
},
{
"cve": "CVE-2020-13988",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-13988"
},
{
"cve": "CVE-2020-17437",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17437"
},
{
"cve": "CVE-2020-17438",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17438"
},
{
"cve": "CVE-2020-17439",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17439"
},
{
"cve": "CVE-2020-17440",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17440"
},
{
"cve": "CVE-2020-17441",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17441"
},
{
"cve": "CVE-2020-17442",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17442"
},
{
"cve": "CVE-2020-17443",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17443"
},
{
"cve": "CVE-2020-17444",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17444"
},
{
"cve": "CVE-2020-17445",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17445"
},
{
"cve": "CVE-2020-17467",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17467"
},
{
"cve": "CVE-2020-17468",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17468"
},
{
"cve": "CVE-2020-17469",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17469"
},
{
"cve": "CVE-2020-17470",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-17470"
},
{
"cve": "CVE-2020-24334",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24334"
},
{
"cve": "CVE-2020-24335",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24335"
},
{
"cve": "CVE-2020-24336",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24336"
},
{
"cve": "CVE-2020-24337",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24337"
},
{
"cve": "CVE-2020-24338",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24338"
},
{
"cve": "CVE-2020-24339",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24339"
},
{
"cve": "CVE-2020-24340",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24340"
},
{
"cve": "CVE-2020-24341",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24341"
},
{
"cve": "CVE-2020-24383",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-24383"
},
{
"cve": "CVE-2020-25107",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-25107"
},
{
"cve": "CVE-2020-25108",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-25108"
},
{
"cve": "CVE-2020-25109",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-25109"
},
{
"cve": "CVE-2020-25110",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-25110"
},
{
"cve": "CVE-2020-25111",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-25111"
},
{
"cve": "CVE-2020-25112",
"notes": [
{
"category": "description",
"text": "Im TCP/IP Stack existieren mehrere Schwachstellen in einer Vielzahl von Produkten aus den Bereichen IoT, Gesundheitswesen, Industrie und anderen Produkten von mehr als 150 verschiedenen Anbietern verwendet werden. Die Sammlung erhielt den Namen \"Amnesia:33\". Die Schwachstellen beruhen u. a. auf Puffer-\u00dcberlauf Fehlern, \"out-of-bounds\" Zugriffen oder Fehlern bei der Bereinigung von Eingaben. Ein Angreifer kann dieses zu Denial of Service Angriffen, zur Einsicht in vertrauliche Daten, zur Manipulation von Daten oder zur Ausf\u00fchrung von Code nutzen."
}
],
"product_status": {
"known_affected": [
"T018014",
"T018015",
"T018016",
"T018017",
"T002207",
"T000126",
"T017866",
"T018011",
"T018012",
"T018013"
]
},
"release_date": "2020-12-08T23:00:00Z",
"title": "CVE-2020-25112"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.