CVE-2020-17437 — HIGH (8.2)

Q: How severe is CVE-2020-17437?

CVE-2020-17437 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-17437?

Check the references section above for vendor advisories and patch information. Affected products include: Uip Project Uip, Contiki-Os Contiki, Open-Iscsi Project Open-Iscsi, Siemens Sentron 3Va Com100 Firmware, Siemens Sentron 3Va Com100.

Vulnerability Description

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c.

CVSS Score

8.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Uip Project	Uip	<= 1.0
Contiki-Os	Contiki	<= 3.0
Open-Iscsi Project	Open-Iscsi	<= 2.1.7
Siemens	Sentron 3Va Com100 Firmware	< 4.4.1
Siemens	Sentron 3Va Com100	-
Siemens	Sentron 3Va Com800 Firmware	< 4.4.1
Siemens	Sentron 3Va Com800	-
Siemens	Sentron 3Va Dsp800 Firmware	< 4.0
Siemens	Sentron 3Va Dsp800	-
Siemens	Sentron Pac2200 Clp Firmware	-
Siemens	Sentron Pac2200 Clp	-
Siemens	Sentron Pac2200 Firmware	< 3.2.2
Siemens	Sentron Pac2200	-
Siemens	Sentron Pac3200 Firmware	< 2.4.7
Siemens	Sentron Pac3200	-
Siemens	Sentron Pac3200T Firmware	< 3.2.2
Siemens	Sentron Pac3200T	-
Siemens	Sentron Pac3220 Firmware	< 3.2.0
Siemens	Sentron Pac3220	-
Siemens	Sentron Pac4200 Firmware	< 2.3.0

Related Weaknesses (CWE)

CWE-787

References

https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdfPatchThird Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01Third Party AdvisoryUS Government Resource
https://www.kb.cert.org/vuls/id/815128Third Party AdvisoryUS Government Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdfPatchThird Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01Third Party AdvisoryUS Government Resource
https://www.kb.cert.org/vuls/id/815128Third Party AdvisoryUS Government Resource

FAQ

What is CVE-2020-17437?

CVE-2020-17437 is a vulnerability with a CVSS score of 8.2 (HIGH). An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to...

How severe is CVE-2020-17437?

CVE-2020-17437 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-17437?

Check the references section above for vendor advisories and patch information. Affected products include: Uip Project Uip, Contiki-Os Contiki, Open-Iscsi Project Open-Iscsi, Siemens Sentron 3Va Com100 Firmware, Siemens Sentron 3Va Com100.