CVE-2020-5735 — HIGH (8.8) — White Hats Nepal

Q: What is CVE-2020-5735?

CVE-2020-5735 is a vulnerability with a CVSS score of 8.8 (HIGH). Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.

Q: How severe is CVE-2020-5735?

CVE-2020-5735 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-5735?

Check the references section above for vendor advisories and patch information. Affected products include: Amcrest 1080-Lite 8Ch Firmware, Amcrest 1080-Lite 8Ch, Amcrest Amdv10814-H5 Firmware, Amcrest Amdv10814-H5, Amcrest Ipm-721 Firmware.

Vulnerability Description

Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Amcrest	1080-Lite 8Ch Firmware	-
Amcrest	1080-Lite 8Ch	-
Amcrest	Amdv10814-H5 Firmware	-
Amcrest	Amdv10814-H5	-
Amcrest	Ipm-721 Firmware	< v2.420.ac00.18.r.20200217
Amcrest	Ipm-721	-
Amcrest	Ip2M-841 Firmware	< v2.420.ac00.18.r.20200217
Amcrest	Ip2M-841	-
Amcrest	Ip2M-841-V3 Firmware	< v2.800.0000000.6.r.200314
Amcrest	Ip2M-841-V3	-
Amcrest	Ip2M-853Ew Firmware	< v2.623.00ac004.0.r.200316
Amcrest	Ip2M-853Ew	-
Amcrest	Ip2M-858W Firmware	< v2.623.00ac004.0.r.200316
Amcrest	Ip2M-858W	-
Amcrest	Ip2M-866W Firmware	< v2.623.00ac004.0.r.200316
Amcrest	Ip2M-866W	-
Amcrest	Ip2M-866Ew Firmware	< v2.623.00ac004.0.r.200316
Amcrest	Ip2M-866Ew	-
Amcrest	Ip4M-1053Ew Firmware	< v2.623.00ac004.0.r.200316
Amcrest	Ip4M-1053Ew	-

Related Weaknesses (CWE)

CWE-121 CWE-787

References

http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-DeExploitThird Party AdvisoryVDB Entry
https://www.tenable.com/security/research/tra-2020-20Third Party Advisory
http://packetstormsecurity.com/files/157164/Amcrest-Dahua-NVR-Camera-IP2M-841-DeExploitThird Party AdvisoryVDB Entry
https://www.tenable.com/security/research/tra-2020-20Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-US Government Resource

FAQ

What is CVE-2020-5735?

CVE-2020-5735 is a vulnerability with a CVSS score of 8.8 (HIGH). Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.

How severe is CVE-2020-5735?

CVE-2020-5735 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-5735?

Check the references section above for vendor advisories and patch information. Affected products include: Amcrest 1080-Lite 8Ch Firmware, Amcrest 1080-Lite 8Ch, Amcrest Amdv10814-H5 Firmware, Amcrest Amdv10814-H5, Amcrest Ipm-721 Firmware.