Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-14934

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. If the number of variables in the request exceeds the allocated buffer, a memory write out of the buffer boundaries occurs. This write operation provides a possibility to overwrite other variables allocated in the .bss section by the application. Because the sender of the frame is in control of the content that will be written beyond the buffer limits, and there is no strict process memory separation, this issue may allow overwriting of sensitive memory areas of an IoT device.

Published

2020-08-18T17:15:11.347

Last Modified

2024-11-21T05:04:28.240

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	contiki-ng	contiki-ng	≤ 4.5	Yes

References

https://drive.google.com/file/d/1NIf0Y0S47Lu85uSi29kt9tgSh0jYZYfj/view?usp=sharing Third Party Advisory ([email protected])
https://github.com/contiki-ng/contiki-ng/issues/1352 Exploit, Third Party Advisory ([email protected])
https://drive.google.com/file/d/1NIf0Y0S47Lu85uSi29kt9tgSh0jYZYfj/view?usp=sharing Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/contiki-ng/contiki-ng/issues/1352 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)