Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-36478

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.

Published

2021-08-23T02:15:07.097

Last Modified

2024-11-21T05:29:38.247

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-295

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	arm	mbed_tls	< 2.7.18	Yes
Application	arm	mbed_tls	< 2.16.9	Yes
Application	arm	mbed_tls	< 2.25.0	Yes
Operating System	siemens	logo\!_cmr2020_firmware	< 2.2	Yes
Hardware	siemens	logo\!_cmr2020	-	No
Operating System	siemens	logo\!_cmr2040_firmware	< 2.2	Yes
Hardware	siemens	logo\!_cmr2040	-	No
Operating System	siemens	simatic_rtu3031c_firmware	*	Yes
Hardware	siemens	simatic_rtu3031c	-	No
Operating System	siemens	simatic_rtu3041c_firmware	*	Yes
Hardware	siemens	simatic_rtu3041c	-	No
Operating System	siemens	simatic_rtu3030c_firmware	*	Yes
Hardware	siemens	simatic_rtu3030c	-	No
Operating System	siemens	simatic_rtu3000c_firmware	*	Yes
Hardware	siemens	simatic_rtu3000c	-	No
Operating System	debian	debian_linux	9.0	Yes
Operating System	debian	debian_linux	10.0	Yes

References

https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf Patch, Third Party Advisory ([email protected])
https://github.com/ARMmbed/mbedtls/issues/3629 Exploit, Third Party Advisory ([email protected])
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9 Release Notes, Third Party Advisory ([email protected])
https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0 Release Notes, Third Party Advisory ([email protected])
https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18 Release Notes, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html Mailing List, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html Mailing List, Third Party Advisory ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/ARMmbed/mbedtls/issues/3629 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)