Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-17437

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.

Published

2020-12-11T23:15:12.683

Last Modified

2024-11-21T05:08:06.540

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

4.9

Weaknesses

Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	uip_project	uip	≤ 1.0	Yes
Operating System	contiki-os	contiki	≤ 3.0	No
Application	open-iscsi_project	open-iscsi	≤ 2.1.7	Yes
Operating System	siemens	sentron_3va_com100_firmware	< 4.4.1	Yes
Hardware	siemens	sentron_3va_com100	-	No
Operating System	siemens	sentron_3va_com800_firmware	< 4.4.1	Yes
Hardware	siemens	sentron_3va_com800	-	No
Operating System	siemens	sentron_3va_dsp800_firmware	< 4.0	Yes
Hardware	siemens	sentron_3va_dsp800	-	No
Operating System	siemens	sentron_pac2200_clp_firmware	-	Yes
Hardware	siemens	sentron_pac2200_clp	-	No
Operating System	siemens	sentron_pac2200_firmware	< 3.2.2	Yes
Hardware	siemens	sentron_pac2200	-	No
Operating System	siemens	sentron_pac3200_firmware	< 2.4.7	Yes
Hardware	siemens	sentron_pac3200	-	No
Operating System	siemens	sentron_pac3200t_firmware	< 3.2.2	Yes
Hardware	siemens	sentron_pac3200t	-	No
Operating System	siemens	sentron_pac3220_firmware	< 3.2.0	Yes
Hardware	siemens	sentron_pac3220	-	No
Operating System	siemens	sentron_pac4200_firmware	< 2.3.0	Yes
Hardware	siemens	sentron_pac4200	-	No

References

https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf Patch, Third Party Advisory ([email protected])
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 Third Party Advisory, US Government Resource ([email protected])
https://www.kb.cert.org/vuls/id/815128 Third Party Advisory, US Government Resource ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/815128 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)