CVE-2020-36478 — HIGH (7.5)

Q: How severe is CVE-2020-36478?

CVE-2020-36478 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-36478?

Check the references section above for vendor advisories and patch information. Affected products include: Arm Mbed Tls, Siemens Logo\! Cmr2020 Firmware, Siemens Logo\! Cmr2020, Siemens Logo\! Cmr2040 Firmware, Siemens Logo\! Cmr2040.

Vulnerability Description

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Arm	Mbed Tls	< 2.7.18
Siemens	Logo\! Cmr2020 Firmware	< 2.2
Siemens	Logo\! Cmr2020	-
Siemens	Logo\! Cmr2040 Firmware	< 2.2
Siemens	Logo\! Cmr2040	-
Siemens	Simatic Rtu3031C Firmware	All versions
Siemens	Simatic Rtu3031C	-
Siemens	Simatic Rtu3041C Firmware	All versions
Siemens	Simatic Rtu3041C	-
Siemens	Simatic Rtu3030C Firmware	All versions
Siemens	Simatic Rtu3030C	-
Siemens	Simatic Rtu3000C Firmware	All versions
Siemens	Simatic Rtu3000C	-
Debian	Debian Linux	9.0

Related Weaknesses (CWE)

CWE-295

References

https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdfPatchThird Party Advisory
https://github.com/ARMmbed/mbedtls/issues/3629ExploitThird Party Advisory
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9Release NotesThird Party Advisory
https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0Release NotesThird Party Advisory
https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18Release NotesThird Party Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00021.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00036.htmlMailing ListThird Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdfPatchThird Party Advisory
https://github.com/ARMmbed/mbedtls/issues/3629ExploitThird Party Advisory
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9Release NotesThird Party Advisory
https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0Release NotesThird Party Advisory
https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18Release NotesThird Party Advisory
https://lists.debian.org/debian-lts-announce/2021/11/msg00021.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00036.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2020-36478?

CVE-2020-36478 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certific...

How severe is CVE-2020-36478?

CVE-2020-36478 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-36478?

Check the references section above for vendor advisories and patch information. Affected products include: Arm Mbed Tls, Siemens Logo\! Cmr2020 Firmware, Siemens Logo\! Cmr2020, Siemens Logo\! Cmr2040 Firmware, Siemens Logo\! Cmr2040.